Transferring website from hosting service to home webserver

I have been using Cloudflare for my website, which is hosted on a commercial service. As my site does not have an SSL certificate, I use Cloudflare’s “flexible” SSL service.

I am in the process on transferring my site from the commercial hosting service to a home webserver. I have set the A records for mysite.com and www to point to my home webserver’s IP.

The result is that when I access the site with http://, I get to my home webserver, but when I use https://, I get the site from the commercial hosting service.

What else do I need to change to get https:// to access my home webserver?

Thanks for any help.

That’s the first thing you should fix as your site is still insecure and has no encryption in this case.

That’s the first thing you should fix as your site is still insecure and has no encryption in this case.

That’s not a concern for this site. It’s not interactive, so data privacy is not an issue. I just don’t want my readers to see a “Not secure” message on their browser.

If encryption is not an issue the “not secure” is not an issue either. You really need to decided if you want encryption or not. If you do you need a server certificate. You don’t want to lie to your visitors, do you?

Encryption is not an issue, but “not secure” is. Many less digitally-sophisticated visitors will be put off by the “not secure” notice, thinking that they will get a virus or something bad from visiting the site, not understanding that it’s not an issue if there is no transfer of data.

Secure and encryption go hand in hand. If you want encryption you’ll need a certificate on both ends and need to configure that on your server. That’s a matter of a few seconds.

Clearly not always hand-in-hand, because Cloudflare offer the “flexible” SSL service, which previous worked well for me. Anyway, this is off-subject. I would still like help with the problem I originally stated.

It does, just because Cloudflare made a bad decision does not mean one needs to follow it. Flexible is insecure and naturally highly discouraged, there’s an entire dedicated article on that. Using Flexible means you lie to your visitors and pretend to have a secure site when you don’t.

If you need a certificate you simply need to get any certificate issued (Lets Encrypt or Origin certificates) and install that on your server. That’s it. The search here will have all the details on that as that subject comes up every five minutes anyhow.

You convinced me. I set up an Origin Certificate on my site. Still curious why what I tried previously did not work.

It’s difficult to tell what the exact reason is, but that context switch between encrypted and unencrypted often is the reason for sites breaking. That’s one more reason why Flexible is very much discouraged

Why flexible SSL mode is not the best choice

There were plenty of discussions on that topic with Cloudflare but for the time being they have been adamant on keeping that encryption-breaker.

I am happy that it now works for you, just make sure your encryption mode is “Full strict” and not just “Full” and that you do not have any mixed content.

Thanks

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.