Why website doesn't have the green lock?

I have the free plan and thought that I would have the green locker beside my website address, but I don’t. My website is guidessence.com

Any advice?

There are a variety of reasons it could happen. Most common is mixed content (meaning some content is loading over http rather than https). You can see more details in this Help Center article.

Hi Ryan,

Thank you for the answer. I’m new to SSL, so sorry if the question sounds silly. Having no green lock means that SSL doesn’t work on my website? The thing is that my website loads properly with “https”. When I change my URL address in wordpress from http to https, then all my pages load with a green lock except my homepage. I just don’t know what to do.

It’s set up, but it doesn’t automatically kick over to https.

Use the Cloudflare panel for Crypto. About halfway down is Always use HTTPS. I expect you’ll find it’s off. Turn it on.

Already tried this option, but didn’t work.

It has this message error :
This page isn’t working

www.guidessence.com redirected you too many times.
Try clearing your cookies.

Then I’m stumped. But it looks like it’s working now (it wasn’t switching over earlier).

It does look like it bounces around between www and non-www, which would explain that redirect.

Have you been experimenting with .htaccess?

Hi sdayman,

Sorry, I’m not familiar with .htaccess. I don’t know how to do it.

Here are some more helpful KB articles.





Also, you can email supportATCloudflareDOTcom from your account email address and they can help dig into your account specifics and run some tests.


Is there something I can do, because right now, I’m unable to login to my wordpress account (I was a couple a minutes ago)? All my page are loading properly, but not login page

Hi there.

It sounds like you may need to install this plugin.

To access wp-admin, you will need to temporarily disable SSL. To do this, navigate to the SSL/TLS app on the Cloudflare dashboard and make the following changes:

  • SSL Mode (at the top of the page): set to off
  • Always use HTTPS: set to off
  • Automatic HTTPS Rewrites: set to off.

With these settings in place, you should be able to access wp-admin.

Hi Andy,

I tried and doesn’t work. I also clear my cookies and caches.

Have you tried putting your site into ‘Development Mode’? You can do this on the Overview tab under the Quick Actions menu.

1 Like

Do you have SFTP access to your server? These lines should be in your wp-config.php file in the Wordpress directory:

define(‘WP_SITEURL’, ‘https://www.guidessence.com’);
define(‘WP_HOME’, ‘https://www.guidessence.com’);
define( ‘FORCE_SSL_ADMIN’, true );

Those should help the site stay in SSL mode. It’s quite possible your Wordpress configuration is still using the original setting of http under Settings -> General


Yes it is, but this is what my host provider told me to do… I’m just not certain of how much I should trust my host provider. They are trying really hard to sell me their SSL certificate…

I have FTP access to my server. Where do I put them in my files? I don’t see them.

Thank you for your help

Oh and yes, I also tried in developpement mode. I also tried to pause Cloudflare

The wp-config.php is in the same directory as index.php. It’s quite often called public_html.

Once you find the file, your FTP program should have some sort of text editor that will let you edit a file on the server. You can put those three lines somewhere in the middle of the wp-config.php file.

Out of curiosity, which Crypto-> SSL mode are you using? Flexible, Full, or Full-Strict?