Возвращает не тот ip

dns

#1

доброе время суток подскажите я не давно подключил ssl на сайт https//koktebel.club.
изначально я был на yandex dns потом нашёл во это dns https//www.cloudflare.com/a/crypto/koktebel.club пока был на протоколе http было хорошо перешёл на ssl https//koktebel.club сайт не погружался долго ломал себе голову потом выяснил что ip адрес 195.189.18.137 а возвращает не тот ip и сайт не грузится я вернулся yandex dns все заработала
подскажите что делать чтобы остаться на этом сервисе


#2

koktebel.club is resolving the ip you mentioned in your post. So it doesn’t seem to be wrong. (some kind kind of a news page?)

I didn’t get your problem since Google can’t translate this correctly :frowning:


#3

у меня ip 195.189.18.137 закреплен за адресам сайта koktebel.club.
работал на http я перешёл на https.
dns хостинг был yandex dns перешёл на cloudflare
появилась проблема когда был http работало хорошо перешёл на https перестал работать мне пришлось возвращатся на yandex dns все заработало.
я пока выяснил проблему почему не работает я наткнулся на такой нюанс когда я на этом dns хостинге cloudflare мне возвращает не мой ip 195.189.18.137 а левый какой то каждый раз рандомно. А когда я на yandex dns то возвращает мой ip 195.189.18.137 и все работает.
как мне настроить или что сделать чтобы я мог через этот сервис работать cloudflare


#4

Well, first ensure that you’ve set the correct A records for

koktebel.club and
www.koktebel.club

They should point to your IP. Set them to :grey:
Activate SSL and wait up 24 hours until the SSL certificate is issued. It can take some time.

To use full SSL there must be an active SSL certificate on your origin server. Use one of the following SSL settings:

Flexible when there’s no certificate installed. Careful: traffic between the client ad CloudFlare will be encrypted. Traffic between CloudFlare and your server will not

Full when there’s a cert installed on your origin but it’s Invalid because it is a self signed cert or it is expired. Cloudflare doesn’t verify the cert. All traffic will be encrypted. Use this too, in case you have trouble with ‘full (strict)’

Full (strict) if you have a valid cert (Let’s Encrypt, Comodo and so on) installed.

Try again and set your records to :orange:

Regarding the “random” IP:
This is intended. When you set your DNS records to :orange: your origin IP will be hidden and a lookup will show CloudFlare IPs. All visitors connect to CloudFlare while CF fetches the content from your server. There is no longer a direct connection between the clients and your server.

Hope this helps :slight_smile:


#5

сертификат получал certbot eff org на сервере через Apache2 сделано перенаправление с 80 на 443 порт.
настройка apache2
<VirtualHost *:80>
ServerName koktebel.club

ServerAdmin [email protected]
DocumentRoot /var/www/html
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined


RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI}
#Redirect permanent / https://koktebel.club

<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request’s Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com

ServerAdmin [email protected]
DocumentRoot /var/www/html
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>

# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf

RewriteEngine on

ServerName koktebel.club
SSLCertificateFile /etc/letsencrypt/live/koktebel.club/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/koktebel.club/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf

#6

This topic was automatically closed after 14 days. New replies are no longer allowed.