Not able to login to subdirectory


#1

I am unable to login to a subdirectory of my website after using Cloudflare SSL.
My question: Do I have to register the subdirectory of the website with Cloudfare after having registered the main directory of the website?
If the answer to the above is no, then my follow-up question is: After removing going through Cloudflare by greying out the clouds under DNS “Manage your DNS settings”, I still could not login to the subdirectory.
Could someone advise what I should do?
(Note: Previously I have the same problem with the main directory due to some security settings of a plugin that I used. However, I was able to get login to the main directory after bypassing Cloudflare by greying out the clouds under DNS settings as mentioned above. But this time round, the method does not work.)


#2

You probably need to setup a page rule to change caching behaviors for your login page. I think this example should give you some direction.


#3

The subdirectory I was trying to log into is kathok.org.sg/cn
Could you confirm that I should type in "kathok.org.sg/cn* in place of “cloudflare-pro.com/wp-admin*” in your example?


#4

I set up the page rule as per your example for the url www.kathok.com.sg/cn*. It does not work. When I type www.kathok.com.sg/cn/wp-login.php, I was brought to a rather stripped-down login page (not the usual Wordpress login page). I keyed in my username and password but still could not get in.


#5
  1. A correction, as it appears it’s really a .org.sg, as you posted a bit earlier.
  2. Your stripped down page is due to mixed content:
    https://support.cloudflare.com/hc/en-us/articles/200170476-How-do-I-fix-the-SSL-Mixed-Content-Error-Message-

#6

Indeed, there was a typo in my post but it was correct in the page rule.

I still don’t know how to fix the problem with the information given in the link you provided. I don’t understand what the word “resources” is referring to and how to “copy the url of the resource in your (i.e. my) browser…”. Could you elaborate on the steps that I should take? Whether I typed http://kathok.org.sg/cn/wp-login.php or https://kathok.org.sg/cn/wp-login.php makes no difference.

Do note that I am trying to LOG INTO the subdirectory, and it is the login page that appeared to be stripped down and although there are boxes for me to enter my username and password, I still could not get to the admin page.


#7

You have Cloudflare set to use SSL for your site, but your site isn’t entirely configured for SSL.

  1. Do you/Can you have your server configured for SSL? Many hosts offer a way to install a free SSL certificate. This makes it very easy to fix your Mixed Content error.

  2. It looks like you’ll still be able to log into your Wordpress admin panel. If so, can you check Settings -> General for the URLs your domain is set to? I’m curious if it’s “https” or “http”


#8

Hostgator is the host for our website. They don’t offer free SSL, which is why we went via Cloudflare route for our SSL.

And, no, I am still unable to log into my wordpress admin panel for the subdirectory.


#10

I have checked with my website host (Hostgator) and they told me that they have checked and there is not problem with the configuration of the server. The problem is not at their end. They said the problem lies with Cloudflare, perhaps due to some caching issue.


#11

Sdayman suggested that my problem could be due to my website server not being fully configured for SSL. I have just checked with my website host (Hostgator) and they told me that they have checked and there is no problem with the configuration of the server. The problem is not at their end. They said the problem lies with Cloudflare, perhaps due to some caching issue.

Please advise what I should do next.


#12

I noticed that the “green lock” does not appear when I type the subdirectory url. Does this mean that the SSL of Cloudflare is unable to go down to the subdirectory?


#13

There’s nothing wrong with your server’s configuration. It’s just not set up to use SSL.

The challenge is trying to band-aid SSL over a non-SSL server. Cloudflare is trying to let visitors use SSL, but parts of your site are insisting on plain HTTP. This is causing the mixed content issue.

Double-check the Crypto tab here at Cloudflare. I know you have SSL Enabled, but scroll down and check the following:

  • Always use HTTPS (I think you have this enabled, which it should be)
  • Automatic HTTPS Rewrites should also be on. Let us know if this was on or off. It should be on.

The screenshot below shows my HTTPS connection that’s not fully secure. There’s a green lock, but it includes the mixed-content warning.
login


#14

I did not have the https rewrite on. I have changed that. Now I could log into the subdirectory and the green lock icon can be seen on the browser tab. Thanks sdayman. You been a great help.


#15

Glad you were able to get it worked out. Thanks for your patience!


#16

Thank YOU.