SSL Problems

ssl
dedcerts

#1

Hey guys, just a little overwhelmed and confused here.

About 2 days ago I ordered a Godaddy SSL certificate because I did not know Cloudflare offered one.

I set up Cloudflare SSL a day ago and everything seemed to be working fine so I called godaddy and told them to revoke their certificate and give me a refund. As soon as they did, my whole site crashed.

After calling them and them saying it was a problem on Cloudflares end, I simply went to the SSL section and went from full to off. The site works now. I do not understand what is happening? The site still says secure through Cloudflares certificate yet I shut the SSL off. By the way, I purchased a dedicated certificate.

One other issue, www.stocktrades.ca, and http://www.stocktrades.ca all work fine, they all end up at the https version.

When I just go to stocktrades.ca, I get this error

Warning: Cannot modify header information - headers already sent by (output started at /home/stocktrades123/public_html/wp-config.php:1) in /home/stocktrades123/public_html/wp-includes/pluggable.php on line 1207

All a littlw overwhelming right now, as we are hosting a huge site giveaway and any downtime is just killing us. Any solution as to whats going on? If I leave it the way it is right now is my site secure? How do I fix the non www error.


#2

Another little piece of info.

In the DNS, my A is pointed to GoDaddys shared IP, but when I actually look up my DNS, the IP is completely different, associated with Cloudflare.


#3

Hey there. I’ll see if I can help with your issue. This seems to be more related to Wordpress or DNS than SSL - as I can see that the https://www.stocktrades.ca site certificate is issued from Cloudflare.

Leads me to believe that you have a blank line and/or whitespace at the start of your wp-config.php file - is this possible?

This is normal. When you have your DNS records ‘orange-clouded’ :orange: Cloudflare proxies all traffic and conceals your origin server IP address.

If your wp-config.php is fine (no whitespace on line 1) I’ll have to do a bit more investigation.


#4

Have you tried setting SSL to flexible?


#5

Hey andy, thanks for the quick reply. No whitespace in my wp-config file, I have even edited it in notepad++ and converted it to utf-8.

This is what I did to get the error to go away, although now it redirects stocktrades.ca to https: //stocktrades.ca then to https: //www.stocktrades.ca which is not ideal.

RewriteCond %{HTTP_HOST} ^stocktrades.ca [NC]
RewriteRule ^(.*)$ https ://www.stocktrades.ca/$1 [L,R=301]

What about the SSL option on Cloudflare? At first I changed it to off, then I changed it to Flexible but whenever I go to strict my whole site crashes. Is my site running correctly as the settings are now? Nothing is cached or something that will cause it to break later?

And also, why is my page rule http://stocktrades.ca Always Use Https not working? I shouldn’t have to enter that rewrite script into my .htaccess should I?

The spaces in the links are only so I can get this posted.


#6

I did yes and got it working Ryan. The weird thing is, is before they revoked the Godaddy SSL, I had it on full and it worked perfectly fine. Once they revoked it it caused my site to crash.


#7

You should only set to full if you have a :cert: on your origin. Perhaps it was there temporarily and stopped working when they got your request to revoke/refund.