I today installed Cloudflare on my website and configured name servers and every other necessary setting. When I checked from my account, it says Cloudflare is protecting your site and is active. But in actual it is not working on my site. It is showing a not secure icon in the address bar on web browsers and when the user wants to open it, it shows not secure, don’t proceed. For reference, the link is: www.topitworld.com
Please check and help me.
Hi @jawadtahir9, it’s working. Perhaps try one more setting, on the SSL/TLS app, Edge certificates tab, can you enable always use https?
There is a bit of mixed content that is causing the issue, ^switch may help, if not, you’ll need to edit the site code.
Mixed content errors mean that your website is being loaded over HTTPS but some of the resources are being loaded over HTTP. To fix this you will need to edit your source code and change all resources to load over a relative path, or directly over HTTPS.
For example, if you load your images with a full URL:
<img src="http://example.com/image.jpg" />
You would want to change this to:
<img src="//example.com/image.jpg" />
By removing the http:
, the browser will use whichever protocol the visitor is already using. An alternative option would be to enable the Automatic HTTPS Rewrites feature that can potentially fix these errors for you automatically. Do be aware that resources loaded by JavaScript or CSS will not be automatically rewritten and mixed content warnings will still appear.
See this Community Tip for further details.
1 Like
Thanks for the detailed reply.
I think ssl is working partially on my website as LOCK icon is not visible in the URL bar of web browsers.
I have set all according to your guidelines such as “enable always use https” and automatic https rewrites. In SSL/TLS i have set to FULL.
Please check the attached screenshot to see why lock is not visible in address bar?