Whynopadlock.com test shows multiple protected domains I don't recognize


I’m using Cloudflare’s SSL certificate but when I checked the site on whynopadlock.com it listed over 60 domains that I don’t recognize. The site was hacked last year with a code injection, spam-redirect, but was cleaned (supposedly) and Google-approved. Where do these other “protected domains” come from? I don’t see this on sites where I have a Let’s Encrypt certificate.


Each free certificate given by Cloudflare has a bunch of domains not always connected to yours. They do this to reduce the number of certificates to manage (and probably reduce costs). You do not need to worry about hackers with that.

If you need to have a dedicated certificate just for you, you can buy one for 5$/month.


Good to know! Thanks for the quick reply, Matteo.

closed #4

This topic was automatically closed after 14 days. New replies are no longer allowed.