Kindly, may I ask which SSL option you have selected under the SSL/TLS tab in the Cloudflare dashboard for your domain (Flexible, Full, Full Strict …)?
And the domain name is diagnosicheck.com, diagnosticheck.com, diagnosticcheck.com, or rather some other?
May I ask, have you checked the DNS tab to see whether the A diagnosischeck.com and A www hostnames are both set to (proxied) or rather (DNS-only)?
For the A record I get your origin host/server IP, rather than the Cloudflare one:
QUESTION
diagnosischeck.com. IN A
ANSWER
diagnosischeck.com. 300 IN A x.x.x.24
AUTHORITY
ADDITIONAL
Furthermore, may I ask whether you have recently changed or developed something and temporarily paused Cloudflare for your site by selecting the Pause Cloudflare for this site option from the Cloudflare Dashboard, or rather toggled Development Mode?
Also, it seems to me I am not able to connect to your domain over HTTPS (default port 443) either - is HTTPS working at your origin host / server and is the SSL certificate installed?
Maybe you have some firewall which could potentially block the HTTPS port? Could you re-check this too?
Kindly, set both to (proxied) to make sure they are being proxied by Cloudflare.
Either way, I prefer to use A www and A mydomain.com both pointed to the IP address (the Content value field) and both (proxied). Meaning, you would have to delete the CNAME www record and add another A www with the “Content value” of your server IP address (pointed to it) and cloud, so you end up having two A type records, A www and A diagnosischeck.com, both being proxied by Cloudflare (cloud).
In case if you need help with managing DNS records at the DNS tab of Cloudflare Dashboard for your domain name, kindly see below useful tutorials:
Furthermore, https://www.diagnosischeck.com/ gives me the 1020 Access Denied error due to your Firewall Rules (which I assume are restricted by country?), and it seems Cloudflare is working OK, at least for the www prefix.
I see it already now and it’s working - just again, I got Access Denied and cannot confirm if there are some other errors or issues showing.
In case you do not see it yet, kindly try clearing your Web browser cache, or try opening your Website (www and non-www) in another Web browser, or in a Private Window, or you could also try using a VPN connection (if available to you), or at least you could try using your mobile phone and mobile network data (cellular, EDGE, LTE …) to test it out.
Otherwise, it could be some local DNS cache at your Internet Service Provider (ISP).
If you could temporarily disable Firewall Rules, I could provide more feedback information regarding it.
Nevertheless, using online tools helped me to gather some more security feedback information about your www/non-www domain. You could check it yourself using tools provided by visiting below links:
Ok, thank you. I will watch to see if the unsecure status changes after doing all the things you’ve mentioned. If needed, I will disable the firewall rule so you can further investigate. Until then, thank you. Please leave this ticket open until my issue is resolved. Thanks.
Ok, I performed some Firewall rule on my server to allow all Cloudflare’s IPs to access my server. Now, I configured my nginx server to handle HTTP and HTTPS. But I am still not out of the woods yet. My website at diagnosischeck.com is giving me a “400 Bad Request”: “No required SSL certificate was sent”. “nginx/1.21.0”
Also, can you please tell me which country you are helping me from, so I can allow access to that country, so you can have a better view of my issue.
Here are the two nginx configurations that I combined and followed because I am running a python Flask website using uwsgi: How To Host a Website Using Cloudflare and Nginx on Ubuntu 20.04 | DigitalOcean
I uploaded the original certificate and the cryptographic file and key, and added the path to the nginx server block as explained in the tutorials above.
My nginx server is running ok because I tested it using the “nginx -t” command. Do I need to get the Cloudflare Pro service in order for the certificates to work on my server with my nginx server setup or can I just leave the setup the way it is? I am forced to activate the https or http2 server block because I have to be able to let nginx know that I am running an ssl certificate, don’t I?
Can you re-check if you have got below line added (or set to on or off maybe)?:
ssl_verify_client on;
For the Nginx vhost file for your domain, a hand helpful configuration example (generated by the needed and selected options) can be found at the below link:
I have allowed access to Croatia, so you can do your work
Yes, I have already added the original server.
I just realized that my Flask app is not configured for SSL encryption as yet. So, I am currently in the process of securing it, so all my HTTPS links to pages will be visible. Instead of giving that 404 Not Found Error.
And the difference: you are running it from a unix.sock, while I was over the localhost:port (could add an upstream to my nginx.conf file and then call it in vhost file instead of http://127.0.0.1:8000) etc…
The further we go, I am afraid this could be a bit out of scope for this forum.
Thank you very much Fritex for all your help. Now, my project has just embarked on a new scope, which is out of your realm. I feel very happy now that everything seems to be working from Cloudflare’s end. My mission now is to configure Flask security features, HTTP/HTTPS redirects, requests and so on. Have a great day!
Fritex!!! Everything is working fine now. The diagnosischeck.com website is up and running with the world’s most favorite padlock! Thank you, so much! I posted the final Nginx server configuration code, so it can help other people understand the dynamics of securing their Python Flask, UWSGI, Nginx website with Cloudflare.com. This is how to add SSL HTTPS to your website protected by the Cloudflare CDN.
UWSGI Documentation: Quickstart for Python/WSGI applications — uWSGI 2.0 documentation
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    ssl_certificate /etc/ssl/cert.pem;
    ssl_certificate_key /etc/ssl/key.pem; # This is the ssl key from Cloudflare
    ssl_client_certificate /etc/ssl/Cloudflare.crt; # This is the origin server certificate from Cloudflare
    server_name diagnosischeck.com www.diagnosischeck.com;
}
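
The proxied versus DNS-only check from the A record lookup earlier in the thread, as an added example that is not part of any post: it parses answer lines in the quoted layout and tests each address against a snapshot of Cloudflare's published IPv4 ranges. The range snapshot, the sample addresses and the function names are assumptions made for this example.

```python
import ipaddress

# Snapshot of Cloudflare's published IPv4 edge ranges (assumption: still current;
# refresh from https://www.cloudflare.com/ips-v4 before relying on it).
CLOUDFLARE_V4 = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22",
    "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20",
    "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22",
)]

# Constructed sample answers in the same layout as the lookup quoted in the thread.
# 203.0.113.24 is a documentation address standing in for the redacted origin IP.
SAMPLE_ANSWERS = """\
diagnosischeck.com.      300 IN A 203.0.113.24
www.diagnosischeck.com.  300 IN A 104.21.16.7
www.diagnosischeck.com.  300 IN A 172.67.150.9
"""

def parse_a_records(text):
    """Yield (hostname, address) for each 'name TTL IN A addr' answer line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[2:4] == ["IN", "A"]:
            try:
                yield fields[0].rstrip(".").lower(), ipaddress.ip_address(fields[4])
            except ValueError:
                continue  # redacted or malformed address, e.g. x.x.x.24

def classify(text):
    """Map hostname -> 'proxied', 'dns-only' or 'mixed' from its A records."""
    seen = {}
    for host, addr in parse_a_records(text):
        behind_cf = any(addr in net for net in CLOUDFLARE_V4)
        seen.setdefault(host, set()).add("proxied" if behind_cf else "dns-only")
    return {h: (s.pop() if len(s) == 1 else "mixed") for h, s in seen.items()}

if __name__ == "__main__":
    for host, state in classify(SAMPLE_ANSWERS).items():
        note = "" if state == "proxied" else "  <- origin IP is published; traffic skips Cloudflare"
        print(f"{host:28} {state}{note}")
```

A hostname reported as dns-only is reached directly rather than through Cloudflare, so an origin that sets ssl_verify_client on answers those visitors with the 400 "No required SSL certificate was sent" seen above, because browsers present no client certificate.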