SSL DRAMA: A Love Triangle Between SquareSpace, Wordpress, and GoDaddy

I purchased my domain through It says the SSL is active.

I found out that it would be better to build my site on because reasons. I got hosting through GoDaddy to build the site. Since the domain name is less than 60 days old, I can’t transfer it, but I can redirect it. I added GoDaddy’s custom IP address to the DNS settings in SquareSpace, and voila, the site redirected perfectly.

I noticed that I was seeing the “site not secure” icon in the address bar of my site. I was confused, because again, I thought that this was already taken care of through SquareSpace.

I followed a YouTube tutorial to get a free SSL certificate from Cloudfare by changing the nameservers. So, I went into the domain settings in SquareSpace and followed the instructions to add Cloudfare’s hoodoo to the nameservers.

All of a sudden, the redirect is broken. GoDaddy is mad. There is a big red notification in the Domains list. It wants me to add their IP address into the DNS records in SquareSpace and refresh the Domains list when I’m done.

The problem is that the IP address is still there from when I entered it the first time. It sits there, happy and compliant, in its little ‘Custom Records’ row. But for some reason GoDaddy can’t see it, no matter how many times I refresh.

Now there is a new notification in the settings on SquareSpace–not red and angry like GoDaddy, just blue and disappointed. It says that since the nameservers have changed, I have to run the DNS records through whichever 3rd party site is running the nameservers. I assume that means Cloudfare. And now I don’t know what to do, because obviously the YouTube tutorial didn’t foresee these shenannigans.

Guys, I’m just trying to get some security on my site and move on with my life. What should I do?

I’m curious as to how the redirect works. Then again, if your domain (which you haven’t let us know so we can see what’s really going on) is using Cloudflare name servers, there should be no need to redirect. You’re certainly not the first person here to use Cloudflare for a GoDaddy site.

So…what’s the domain?

The domain is

It looks like you’re using two sets of name servers: NSone and Squarespace.

  1. That generally doesn’t work well, as they argue with each other.
  2. Neither of them are Cloudflare. Until you set them to Cloudflare, there’s not much we can do to help.
  3. And just to be thorough…it’s not proxied by Cloudflare, either. It’s coming straight from GoDaddy.


Ok. I’m back for the evening. Go ahead and switch them back for a bit.

And, just to be clear, the site is hosted at GoDaddy? With an IP address that you’re using in the Cloudflare DNS screen?

Hi, okay, I will switch them back. Give me a minute, because I can’t remember how to do it.
You are correct, I am hosting the Wordpress site at GoDaddy. I put GoDaddy’s IP address into the DNS settings of SquareSpace, where I originally purchased the domain name. That is the only place I put the IP address. This is my first time working with Cloudfare, I don’t know what goes where until someone tells me. Are you saying I should put the IP address into Cloudfare?

I switched them back. I’m seeing this notice on the Cloudfare DNS page:
Add an A, AAAA, or CNAME record for www so that will resolve.

That’s where you need to put the GoDaddy IP address that you just put into SquareSpace.

It looks like you’re mostly there. One more step:

When I looked at the DNS settings, the GoDaddy IP was already there. I didn’t put it there, I think it Hoovered it from my SquareSpace settings.

I’m not sure what to do with the redirect tutorial. I’m not changing the domain name to or from anything like the video is talking about.
Plus there’s still this:

No need to follow the video. The first steps show you how to add that “A” record your picture is asking for. And then how to add a Page Rule so anybody trying to go to to the “www” version of your site will be forwarded to the correct URL.

Or…add another “A” record as shown in the DNS tutorial a few posts up. The “name” will be just ‘www’ (no quotes) and the IPv4 address will match the one you already have for

Either method will work, but the first one is a faster redirect.

Looks like the site is back, yay! But there’s still a problem: the site is still coming up as not secure. That was the whole point of bringing Cloudfare into my life. What might be the problem?

It looks secure to me. Normally I’d say it’s Mixed Content, but I’m not seeing any warnings.

Oh! It didn’t look that was for me, and I opened it in an incognito window. Maybe it took a moment to work.
Thanks for your help!!

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.