Site doesn't load when A records are proxied

DNS & Network
#1

Hi

My site does not load on Edge, Firefox and mobile browser when A records are proxied in DNS. but, with the same settings, it loads on Chrome.

Screenshot of DNS zone - https://snipboard.io/FOE5Hr.jpg

The site loads perfectly fine on all browsers and networks when A records are DNS only.

Screenshot of DNS zone - https://snipboard.io/CYAScL.jpg

My site is hosted on WPX server. Currently, A records are DNS only but I can make then proxied for testing.

Please help.

Thanks.

#2

Greetings,

Thank you for asking.

I am sorry to hear you arexperiencing an issue with your domain name while using Cloudflare. But, nevertheless we are here to help :slight_smile:

May I ask what error do you get?
Could you please share here with us a screenshot of the error in your Web browser?
Furthermore, what is the domain name?

Before moving to Cloudflare, was your Website working over HTTPS connection?
May I ask what SSL option have you got selected under the SSL/TLS tab at Cloudflare dashboard for your domain ( Flexible, Full, Full Strict … )?

When I try to open learnerzhub.com, I got this returned.
May I ask if it is working now, or there are still some issues?

Screenshot 2022-04-04 at 05-14-31 LearnerzHub - Live to learn
Screenshot 2022-04-04 at 05-14-31 LearnerzHub - Live to learn1920×1057 80.5 KB

#3

Hi,

Thank you for your response. Let me answer your Q.

The error comes only when A records are proxied (https://snipboard.io/FOE5Hr.jpg). The site does not load on on Windows Firefox, Edge and Android browsers. However, it loads well on Windows Chrome.

Here are a few screenshots from Edge browser when A records are proxied.

Here are a few screenshots (from Edge) that show the error
https://snipboard.io/RkPy4u.jpg, https://snipboard.io/RkPy4u.jpg, https://snipboard.io/PQlJ8w.jpg

Before moving to Cloudflare, was your Website working over HTTPS connection?

Yes. I was using Nitropack before Cloudflare. After moving to Cloudflare, I activated WP cache plugin. I tried W3 Total Cache and WP Cloudflare super page cache. Currently, WP Cloudflare super page cache is activated.

I have checked by deactivating cache plugin also bu the same error appears when A records are proxied.

May I ask what SSL option have you got selected under the SSL/TLS tab at Cloudflare dashboard for your domain ( Flexible, Full, Full Strict … )?

I have tried both Full and full Strict. Currently, it is Full.

When I try to open learnerzhub.com , I got this returned.

Currently, the website is loading normally as A records are not proxied. I can turn on proxy to find the root cause of the problem.

Additionaly, I noticed a strange thing today. The analytics graph for unique visitors and total requests shows 0 when proxy is turned off. Here is a screenshot - https://snipboard.io/AlRG8w.jpg

Thanks again.

#4

Hi Experts,

Please help…

Thanks.

#5

Change that to Full Strict for starters, otherwise you have no security in the first place.

As for the issue, post a full page screenshot of https://dash.cloudflare.com/?to=/:account/:zone/ssl-tls/edge-certificates

#6

Thanks for your response.

As per your suggestion, I have changed the configuration to Full Strict - https://snipboard.io/egJ8OU.jpg

Here are screenshots of “edge certificates” configuration:

  1. https://snipboard.io/cHxBeQ.jpg
  2. https://snipboard.io/rVeW7m.jpg
  3. https://snipboard.io/es5M1B.jpg
  4. https://snipboard.io/wW8nYP.jpg

The site is hosted on wpx.net. So, I used their recommended settings for Cloudflare. Other than that, everything is default. WPX settings are described in this article - How do I Configure my Existing Website with CloudFlare? | WPX.net.

Thanks again.

#7

That’s interesting, your certificate is properly listed and your domain also seems to be active, but the proxies still have no certificate or your site.

  • Can you unpause Cloudflare for now?
  • Is your host offering any Cloudflare integration? Often hosts add your domain to their own account, in which case your settings would not apply and you would need to remove your domain from their account.
#8

Thanks again.

Can you unpause Cloudflare for now?

You mean pause it. I have done it.

Is your host offering any Cloudflare integration?

No. They do not offer Cloudflare integration. WPX market their own cloud platform but I have found Cloudflare to be better - https://kb.wpx.net/introducing-the-wpx-cloud-why-your-website-needs-it/

#9

Unpause

#10

It was upaused. I have unpaused it again - https://snipboard.io/L0afRG.jpg

Current;\ly A records are not proxied - https://snipboard.io/EZzhUN.jpg

Thanks.

#11

Check out Community Tip - Fixing SSL ERROR NO CYPHER OVERLAP in Mozilla, especially #2.

#12

Thanks. I have done #1 and #2 without any success.

I tried #2 twice in two different ways:

  1. I proxied the A records and then Disabled Universal SSL. The site stopped loading everywhere. Here is a screenshot fro Chrome - https://snipboard.io/ZQ6dWy.jpg. Waited for aanother 5 minutes but the site didn’t load. So, I enabled Universal SSL and removed proxy from A records.
  2. Waited for about 30 minutes and then Disabled Universal SSL while A records were not proxied… The site was loading fine. Waited for 15 minutes and then enabled Universal SSL. After this when I proxied the A records, same error appeaed in Firefox - https://snipboard.io/AlXrwk.jpg.

For now, I have again removed the proxy from A recods.

Please let me know what I should do.

#13

It just loaded fine via the proxies, but now throws an error again. Have you just changed anything?

#14

The curious bit is, ftp.learnerzhub.com does work on SSL, whereas www.learnerzhub.com does not.

There’s either something off with your configuration or your domain is stuck with another provider configuration.

You said your current host does not offer any Cloudflare services. Have you ever added your domain to another provider, which could offer such an integration? If so, the domain might still be stuck with them and you’d first need to get them to delete your domain from their configuration.

#15

The domain was hosted on SG till about a year ago. Currently, it is hosted on WPX. Let me touch base with SG and ask them about it.

I will update the thread as soon as I hear from them.

Thanks.

#16

As far as I know they do offer a Cloudflare integration, and in that case your domain might still be active on their Cloudflare account. They would need to delete that first.

#17

Contacted SG and told them about the problem. They are saying that they cannot do anything since our account was deleted from their server. They suggested to contact Cloudflare for removig this domain from their servers.

Please help. I don’t know how to remove legacy records from Cloudflare since those were created by SG service.

Here is the transcript of chat with SG

Welcome to our LiveChat!

04:07 PM

Let me check on that, please

04:08 PM

I see your account was last active by 2021-05-25 and was terminated after that since it wasn’t renewed, so at the moment of termination any services related with the domains , be it Cloudflare or some other is permanently deleted and deactivated

04:09 PM

That said, at the moment both domains mentioned are currently with Cloudflare name servers, so while the domains exist in there and work with their name servers Cloudflare cannot be activated with another hosting company

04:09 PM

You should point the domain names to the other hosting company and then delete the domains from cloudflare.com as per: https://support.cloudflare.com/hc/en-us/articles/360033554252-Removing-a-domain-from-Cloudflare

04:10 PM

I understand, however in this situation that isn’t relevant firstly because there is no longer active service on our end and secondly because the domains are set through cloudflare.com with their name servers, so the above should be done

04:11 PM

How to login to Cloudflare? With which credentials? because Cloudflare service was integrated with SG and I didn’t have a seperate Cloudflare account back then.

04:13 PM

That will have to be checked with their support additionally, because I’m afraid we don’t have access to this information, where you can provide them with those two links to confirm domains are on cloudflare.com and with their name servers:

04:14 PM

04:14 PM

these urls are not opening on my browser

04:15 PM

That’s okay, you can copy them and forward to cloudflare.com they’d be able to load them where from your end you can try loading them from kproxy.com/

04:16 PM

So, as I understand, I have to contact Cloudflare and ask them to remove legacy domains from their servers. After that, I can configure Cloudflare on my sites.

04:20 PM

Is it correct?

04:21 PM

That’s right, yes, where you should additionally point the domains to the other company name servers as well

04:21 PM

SG cannot do anything. Is that also correct?

04:22 PM

That is correct, yes, since there is no active service or domain registration with us currently no actions can be taken from our end

04:23 PM

#18

They did not really try to understand your issue, did they? :slight_smile:

Assuming this was their configuration, they do have control over that and could remove the domain. But it seems they did not really understand it and gave you a canned response.

Anyhow, all you can do at this point is open a support ticket and point out that Cloudflare needs to delete that configuration entry manually. You will probably have to do run some verification step, but that will be handled via the ticket.

Your ticket will most likely be automatically closed, but if you post it here, I can ping support staff.

#19

Thanks again. :slight_smile:

I have opened a new ticket with support. Ticket number is 2420232

Need MoreHelp with 2420232.

#20

You don’t :wink: