Unable to disable Email Address Obfuscation

no integration - no proxy - no other service provider - cloudflare domain → hosting that is all

Where does your www record point to? To endpoint.mykajabi.com?

yes that is correct

That’s precisely what I meant by integration. Their Cloudflare settings currently take precedence.

$ curl --connect-to www.launchpad.design:443:endpoint.mykajabi.com https://www.launchpad.design/site-stylesheet | grep Lato
@import url('https://fonts.googleapis.com/css2?family=Roboto:<a href="/cdn-cgi/l/email-protection" class="__cf_email__"    dat a-cfemail="394e5e514d790d0909">[email&#160;protected]</a>&family=Lato:<a href="/cdn-cgi/l/email-protection" class="__cf_email__"    dat a-cfemail="d0a7b7b8a490e4e0e0">[email&#160;protected]</a>&display=swap');
    font-family: 'Lato';
    font-family: 'Lato';
    font-family: 'Lato';

Using Cloudflare together with another service which also uses Cloudflare often is tricky or not possible at all. I’d contact the host and ask if they can disable the Cloudflare integration for you, in that case your own settings should apply again.

Also, your encryption mode most likely is only on Full and that wouldn’t be secure either.

The orange to orange problem has more on that too.

If I change the header to output text/html - it works perfectly and Email Address Obfuscation is actually not enabled at the host - it is only after the request comes through cloudflare that Email Address Obfuscation is applied and applied on the CSS which is documented that does not happen?

As I mentioned.

You’d need to talk to your host about that. The linked article has the details on the issue.

are you saying that the host has Email Address Obfuscation set ONLY on css files eventhough I’m changing the header using cloudflare not the host -

meaning - the host is sending the request without Email Address Obfuscation
when I change the header in cloudflare then Email Address Obfuscation is turned on - even though is it turned off in the cloudflare account settings?

As I already said, your settings do not apply here and that output comes straight from your host.

how is that possible - is there a technical document that explains how the host can override my cloudflare account? and what settings are being overridden

I mentioned that all already before.

any documents that explains how this works?

could it be a Cloudflare bug? as the host has Email Address Obfuscation turned off - and I have it turned off -

however as you can see Email Address Obfuscation is being applied to the css file

What’s unclear about what I have already written?

you are saying the host has Email Address Obfuscation turned on and I have to talk to them,

but they don’t have Email Address Obfuscation turned on

what else is also unclear from a technical level how it it possible that I change the header to text/html and Email Address Obfuscation is not applied
when the header is css - it is applied

how on a technical level does the host be able to send a request without Email Address Obfuscation and then be able to turn it on/off based on changing the header output in the customer cloudflare account

How can you tell that?

But again, the output comes straight from your host and that’s what you need to clarify with them. I can only link to it again.

You really need to talk to your host about that.

I can tell because Email Address Obfuscation is being activated or deactivated based on my cloudflare account settings by changing the header output - my cloudflare flare account is older than the host company so how it is possible that there settings are overriding mine - when my account was setup years before the host - how it is possible on a technical level

Absolutely irrelevant in this context. When you added your domain to your provider they obviously took control.

I am afraid we are going in circles. What is it you don’t understand about

I even linked to the correct tutorial before.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.