My site here https://pencilvest.com is a simple site made of html/css files only. I have signed up with Cloudflare and successfully changed all the nameservers etc. I also have configured to redirect to HTTPS, all other basic stuff that I can see from google.
What I don’t understand is that it still won’t redirect to the https version, and when I manually type the https it gives me “unsecure” warning.
How to fix this? This is my first time using all html/css files. Had this been Wordpress I can easily configure this.
You currently do not have a valid certificate on your server and hence can’t have a secure encryption mode on Cloudflare either. You should change the encryption mode on Cloudflare to “Full strict” and make sure your server certificate is fixed and renew it whenever necessary. Cloudflare also offers Origin certificates in this context which you still have to install on your server however.
I just changed it to Full Strict, but I am not sure how to do/follow/obtain the rest of your instructions.
Please do not misunderstand me, but what is the difference with Wordpress platform? I don’t usually have to go through the “server certificate” complications.
You need a certificate on your server and your host will most likely have to provide that. Right now you only have an invalid certificate there and because of that Cloudflare cannot validate the connection and you get that 526 error. As long as that is not fixed you’ll have an insecure setup.
It’s not really Wordpress related but rather something you need to do on a webserver level and that’s where your host most likely comes in. Either they make sure that you a proper certificate or you need to configure this yourself. The options here are any paid certificate, a free Lets Encrypt certificate, or also an Origin certificate from Cloudflare. Your host should be able to help here and the search on the forum will also have lots on it.
Should you decide to go for an Origin certificate, then you can get that issued at https://dash.cloudflare.com/?to=/:account/:zone/ssl-tls/origin. Origin certificates typically are easier to handle, but they only work in context of proxied DNS records and will throw a warning should you unproxy.
First, we recommend checking your domain using nslookup or dig to confirm your domain is managed by Cloudflare. Once you change you nameserver to Cloudflare, universal SSL certificate is issued automatically.
Your domain is not set at Cloudflare.
;; Received 839 bytes from 192.5.5.241#53(f.root-servers.net) in 1 ms
pencilvest.com. 172800 IN NS ns14.sluhosting.com.
pencilvest.com. 172800 IN NS ns15.sluhosting.com.
;; Received 124 bytes from 192.12.94.30#53(e.gtld-servers.net) in 2 ms
pencilvest.com. 14400 IN A 207.244.229.193
;; Received 59 bytes from 207.244.229.193#53(ns14.sluhosting.com) in 32 ms
Looks better, your server now has a valid certificate. If you enable Cloudflare again it should work fine, just make sure your encryption mode is “Full strict” and that you renew your server certificate whenever it expires (the current one expires in April).
