Yep, make sure the root domain (domain.com) is cloudflare-enabled (orange cloud) and ensure your SSL level is set to flexible, full or strict. Make sure no page rules are cancelling out your SSL settings.
Thanks for your answer, but the problem my web hosting uses cloudflare by default in the plesk12 (on / off) control. so I can not change anything in DNS parameters cloudflare … see this image
thank you very much
It’s easier to use the Crypto tab to set your account to Always Use HTTPS. Maybe this will fix the problem.
As for your DNS records, since it’s controlled by a third party, there might be something you’d have to do at Silicon Oasis. Hopefully there’s something over there that determines if you’re routing through Cloudflare or not.
Hi Thank you for your answer.
Always Use HTTPS [On] . I will contact Silicon Oasis. Thank you
One of the limitations of a CNAME setup is that we typically can’t protect the bare root… Technically the RFCs don’t allow for a bare root to domain to be a CNAME value.
The other option would be to sign the domain up with Cloudflare directly in full mode which would involve making us your DNS provider and would allow for us to protect the bare root.