DNS Help Again (sorry)

I’m still struggling, my last thread was closed so i couldn’t reply – i’m still really confused and struggling - every tutorial seems to refer to something that either doesn’t appear the same as what i’m looking at. At this point i’m just a bit lost…

so i logged into 123 reg, added the two Cloudflare nameserves i was assigned

these are my settings on the DNS settings again - apologies for being a massive noob for a 2nd time

and TIA :slight_smile:

I see Dom’s also posting, but your ‘www’ record from the other post is gone now. You still need that.

1 Like

well… i think i’m gonna have to go on 123 reg and delete my Cloudflare account - i’ve asked for help twice, been kindly offered help, but still struggling with it… i can see 5 lines of data in my screenshot - alls i’d require is someone to talk me through each line, and what to put in there. every tutorial i’ve read just talks me through something that looks different to what i’m seeing there

So your goal is for your www.deanglover.com to be your website, and for your apex domain (deanglover.com) to redirect to it, is that correct?

You need to re-add this DNS record for your www subdomain which you apparently deleted at some point (intentionally or not)

Except I would strongly recommend leaving the DNS entry as grey-clouded (unproxied / DNS only) initially until you’re 100% certain everything is working properly, then you can test orange-clouding.

The good news is, your website is there, I can “see” it if I manually work around your lack of DNS entry

$ curl --resolve www.deanglover.com:80:94.136.40.82  http://www.deanglover.com/
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">
<html lang="en">
<head><title>Dean Glover PRODUCER</title>
</head>
<frameset rows="100%">
<frame title="http://vibe-studios.co.uk/2020/index.html" src="http://vibe-studios.co.uk/2020/index.html" name="mainframe" frameborder="0" noresize="noresize" scrolling="auto">
<noframes>Sorry, you don"t appear to have frame support.
Go here instead - <a href="http://vibe-studios.co.uk/2020/index.html">Dean Glover PRODUCER</a></noframes>
</frameset>

The bad news is your server is only listening on port 80, it’s not listening on port 443 (HTTPS) at all

but one thing at a time I guess…

get your www DNS entry fixed first, but leave it grey-clouded for now

Ok thanks so much… i’ve now sorted the first line - which now reads;

ok, what next?

thanks again :slight_smile:

Okay so now your website is accessible via http://www.deanglover.com/ so that’s progress

Now we have some more stuff to do:

  1. Your server is only listening on HTTP port 80, it’s not even listening on port 443, used for secure HTTPS traffic. Do you have someone you can contact about this? Server owner or whatever? If at all possible, they need to open port 443 and generate a valid SSL certificate for your site.

If this isn’t possible there are still options but it’s not ideal and it’ll affect what we do later.

  1. From the screenshot you no longer have a DNS entry for your apex domain, I assume you converted it into the www entry, that’s fine, but now you need to create a new DNS entry for the apex domain. Don’t edit the www entry, you need to use the Add Record button which looks like this

image

make a new DNS entry like this:

use @ for the name, and this time go ahead and orange-cloud it because we’re going to be using it with a page rule to forward traffic

when you save it, the @ will turn into the domain name, that’s fine

  1. Now you need to go into Page Rules and create a rule like this:

for now we’re going to be using a 302 (temporary) redirect, and we’re going to be redirecting to HTTP instead of HTTPS because that’s all we have to work with for now, this may change later

Post back when you’ve created the DNS entry and page rule, also, please share the results of any communication you have with the server owner regarding getting HTTPS enabled.

amazing… thankyou so much - so i’ve done what you said (superb tutorial btw haha)

as for the server… i can log into my cpanel and see the following options

apologies the text is small, had to zoom out to get it all into one screenshot

just as a side note - when this website was set up, i was given access to control it, but by the time i’d got round to sorting it all out, unfortunately the gentleman who’d set it up, had terminal cancer… hence why i’m in need of such help - but yet again, thanks so much for the help so far :slight_smile:

also just a bit more info

the website lives on webspace belonging to my studio (VIBE studios) but my domain is from 123 reg…

the whole reason for me signing up to Cloudflare was to sort an SSL https thing out for my website - so at least now i’m back to square one

who would be most likely to be able to provide me with the SSL https?

VIBE Studios webspace? or my domain provider 123 reg?

thanks again :slight_smile:

Okay, so now we have http://deanglover.com/ and https://deanglover.com/ both forwarding successfully to http://www.deanglover.com/ so that’s good

it’s good that you have some level of access to the server, however I’ve never used cPanel and it also seems like the server is running IIS which I’m also not familiar with. You might have sufficient access to open port 443 and do SSL certificate stuff but I wouldn’t be able to tell you how.

123-reg.co.uk seems to be the actual owner of the server in case you want to try to contact them

Now, you do have other options…

if you absolutely can’t enable HTTPS on the server, it’s far from ideal, but you could use SSL mode “Flexible” to encrypt traffic between visitors and Cloudflare, while leaving traffic between Cloudflare and your server insecure. This isn’t great but it’s better than what you have now.

If you want to go that route:

  1. In SSL/Overview set SSL mode to Flexible
  2. In SSL/Edge Certificates, make sure Always Use HTTPS is on
  3. Orange-cloud your “www” DNS entry
  4. Wait at least 5 minutes
  5. Verify that traffic to https://www.deanglover.com/ now works properly
  6. Edit your Page Rule, change “http” to “https” in the destination URL and change the 302 temporary redirect into a 301 permanent redirect

Again, this is not end-to-end secure but it might be the best you can do with your current host

Another option would be to migrate your site to a better web host. Your site seems to be static (no server-side scripting) so it should be fairly easy to migrate. I can’t really make any specific recommendations as to a suitable host… Cloudflare Pages exists and I like it but if you’re a complete novice to web hosting, and have never worked with git repositories before, there would definitely be a learning curve.

Please do not make such suggestions as this is only misleading to the user and will keep his site insecure.

@deano_g88, do not follow this advice, as you’d remove all encryption from your site and keep it on unencrypted HTTP. This simply is bad advice I am afraid.

If this was the only reason for Cloudflare, you can probably skip the whole Cloudflare thing.

What Cloudflare offers is certificates which work in the context of the proxies only. Their advantage over regular certificates is that they are easier to issue and can be valid for years. However, they do require you to proxy your site.

In general, it should really be your host who takes care of SSL. Cloudflare won’t be able to offer anything here, which you don’t need to have already on your server anyhow.

I think i’m getting there… thanks for the help guys – i’m on 123 reg now and i can see the SSL purchase section

@sandro - i think you’re right, after all this, i probably didn’t even need Cloudflare anyway! so i’m probably going to end up just resetting the name servers back to how they were on 123 reg, pre-me setting up a Cloudflare account.

Thanks though, you’ve helped me a lot. Cheers guys.

While there is nothing wrong with paid certificates (as long as they are reasonably priced - and that means not more than $10 a year), you should be aware that there are plenty of free offers. Aforementioned Cloudflare certificates, but also regular Let’s Encrypt certificates. They are perfectly free.

But yes, if SSL was the only reason, Cloudflare won’t offer you all that much I am afraid.

123 reg are quoting me £60 a year! which is like £6 a month for SSL?

Are the ‘Let’s Encrypt’ certificates difficult to set up? and would a Cloudflare account help and be of any utility if i were to get a Let’s Encrypt one?

LetsEncrypt is simple but the more serious issue is that your server isn’t even listening on port 443 so putting any kind of certificate on it it is pointless until that’s addressed.

It should be rather £6 a year :slight_smile:

Let’s Encrypt certificates are not difficult to set up, but this really is something your host should do and they should not charge for that.

Based on what you wrote, I’d highly recommend to switch to another host.