Need help understanding http and https

Hi all after some more advice

Something has got me completely baffled, I am new to this so bear with me

My wp site www.orrellelectrics.co.uk is saved in wp admin as http://www.orrellelectrics.co.uk and I am using cloudflare so it shows online as https://

Now in Google search console I am having canonical issues

All of my sitemap .xml are in http:// format

Can I change my settings in wp admin area or will that lock me out of my site?

Basically can I get Yoast to create my sitemap .xml in https:// format

The reason for this is Google is only showing my homepage and not the rest of my pages but I can only list pages in http format

1 Like

Was your site configured for HTTPS before you added it to Cloudflare?

Honestly I dont fully know

That is not helpful in any way sorry

It sounds like your site wasn’t properly set up for HTTPS before you added it Cloudflare, and that’s what’s causing the problems. You should get a web developer to properly configure your site for HTTPS on the server.

So should I remove cloudflare to ‘fix’ the issue?

It would be good to “Pause Cloudflare on Site” from the bottom right corner of the Overview settings page at dash.cloudflare.com. Then you can work on setting up HTTPS on your server before you Un-Pause Cloudflare.

1 Like

Thank you I will look into it now

1 Like

Hi my host namehero issues free ssl certs with lets encrypt

Am i right in thinking I can just change my url in wp admin settings?

Do I need to pause CF to do this? it is built into software in my cpanel

Good find, @gap30, that looks like you have a certificate.

I would seem updating those addresses makes sense, but will leave that to @sdayman to comment as I’m not overly familiar with the wordpress admin.

After you test that, please let us know how it works. And, if you have an issue after changing your settings, can you disable TLS 1.3 on the edge certificates tab of the DNS app on your Cloudflare dashboard? I’d be surprised if it’s related to the issue you’re seeing, but I did notice some errors with it.

Have paused CF for my site, am thinking to go back to the default nameservers

Delete the cert and let a new one propogate

Go ahead and delete all those expired certificates. Only the top one is still valid.

I see that you’re in wp-admin with HTTPS, which is great. Yes, change those two URL entries to be HTTPS. It may kick you out when you click Save, but that should help.

The next snag is that now that you’ll have your site configured for HTTPS, there may still be some hard-coded HTTP references in some pages and posts. Usually for embedded images. You may need a plugin to do search/replace in the database. But first make sure you’ve backed up your site.

This one is pretty good:https://wordpress.org/plugins/better-search-replace/
You’ll search for http://www.orrellelectrics and replace with https://www.orrellelectrics
(it doesn’t need to be the entire URL, as it will often include a path/file as well)

Again, make sure you back up your entire site (including database) before you try this.
https://wordpress.org/plugins/all-in-one-wp-migration/ is a good backup plugin. Their free version maxes out at 512MB of data, so it’s good for smaller sites.

1 Like

Hi I deleted all of them and returned to default nameservers and a new certificate was generated

Ok can I now go back to cloudflare nameservers and unpause cloudflare?

Thank you for your help it is much appreciated

That looks great! You’re all set to go back on Cloudflare. Just make sure your Cloudflare SSL/TLS mode is set to Full (Strict).

1 Like

Thank you so just to double check I can change my nameservers back to cloudflare

By the way you absolute fing legend: https://www.orrellelectrics.co.uk/page-sitemap.xml

2 Likes

Yes, but also go to the SSL/TLS page at dash.cloudflare.com and make sure your mode is set to Full (Strict).

1 Like

Hi I have set it to Full (Strict) I take it I have the requirements?

Encrypts end-to-end, but requires a trusted CA or Cloudflare Origin CA certificate on the server

You already have a trusted Let’s Encrypt cert on the server. You shouldn’t have to do anything else.

2 Likes

This topic was automatically closed after 31 days. New replies are no longer allowed.