Configuring Cloudflare with surge.sh hosting

bott.ryan · January 5, 2021, 6:46pm

Hi there,

I have some hosting set up through surge.sh and signed up for the CloudFlare free plan to get access to SSL encryption for my site.

I’ve added the CloudFlare nameservers to my domain registrar account, and imported my DNS settings into CloudFlare, but I’m still getting a Not Secure message when viewing my site.

The CNAME record shows as proxied through CloudFlare with the orange cloud, and I have these CloudFlare settings enabled:

Flexible mode turned on
Always Use HTTPS turned on
Automatic HTTPS Rewrites

Is there anything anyone can suggest that I’m missing from my configuration?

Thanks for your help!

sdayman · January 5, 2021, 6:51pm

Your browser is not wrong. Flexible SSL is not secure.

bott.ryan · January 5, 2021, 6:55pm

Hi @sdayman,

Thanks for your reply.

I had been wondering about that.

Surge.sh has a free hosting option but if you use your own custom domain an SSL is not provided for you and can’t be uploaded, so switching to Full Mode wouldn’t help since you can’t actually get a SSL cert onto the server.

Just wanted to type up my current understanding now. Does that sound about right?

sdayman · January 5, 2021, 7:06pm

That sounds correct. Without SSL on your server, you can not switch to a secure Full (Strict) connection.

system · February 4, 2021, 8:26pm

This topic was automatically closed after 30 days. New replies are no longer allowed.

Topic		Replies	Views
Doesn't work for me: Flexible Encrypts traffic between the browser and Cloudflare Security	5	1879	July 8, 2022
SSL https issue Security	3	3714	August 4, 2020
SSL from FLEXIBLE to FULL will point to wrong website? Security	2	2367	April 3, 2021
Whenever i start 'Always Use HTTPS' on cloudflare my website down Getting Started	2	2383	May 23, 2020
Deprecated - Why flexible SSL mode is not the best choice Tutorial Tutorials	0	33201	February 20, 2019

Configuring Cloudflare with surge.sh hosting

Related topics