I recently set up Cloudflare to add an SSL to my website.
Everything seems to have gone to plan, but when I clicked through from Google, my site wasn’t found. I realised that since adding the SSL certificate, www has dropped off my url and any links that include it no longer work.
My understanding of these things is pretty limited, TIA for any advice as to how to reinstate www to my URL
If you are saying your site was not secure before, then you best pause Cloudflare for now and secure your server first. A site needs to be secure before you add it to Cloudflare.
Thanks, but the whole purpose of using Cloudflare was to obtain an SSL certificate…
That’s not what Cloudflare does. You still need a certificate on your server. Cloudflare does offer Origin certificates for installation, but they are no different than what Let’s Encrypt already offers.
You first need a valid certificate on your server. The site needs to load fine, then you can add it to Cloudflare.
Check your DNS records in Cloudflare - specifically the www record (A or CNAME). Sounds like it dropped the www record or its not configured correctly.
Thanks, there’s no sign of www in A or CNAME, it only appears next to MX and TXT
As first step, you should really fix your server.
I’m not sure what you mean by that. I have a wordpress site for my photography business, there’s no Ecommerce. Until a couple of months ago, my host would renew an SSL certificate with Letsencrypt every 3 months. For some reason that was no longer possible, so I searched for a way of adding one which is how I ended up here. The certificate seems fine, but www has dropped off. Is there a way to add it on the DNS record page?
I mean exactly what I wrote. If you have no certificate on your server you currently have - naturally - an insecure site and should fix that first. You have no encryption right now.
You best discuss this with your host, the Let’s Encrypt certificate really shouldn’t be an issue. You can also always get an Origin certificate, but you need to have a certificate on your server for aforementioned reason.
So you will need to ensure you have a ‘www’ A record as well as your root (@) A record configured pointing to your webservers external IP. You should be able to add the record on that page.
Cloudflare’s SSL frontend will then work properly as long as your domains name server records are pointed to Cloudflare. HOWEVER - as @sandro mentioned this isn’t your only step. To ensure communications between your web server and Cloudflare (and anyone who might know your public IP for that matter) you need to install a SSL certificate on your server as well.
Regardless of e-commerce, you are logging into your WordPress instance which, in turn your credentials will be sent to your webserver un-encrypted once it leaves the Cloudflare network. Basic MITM attacks can get your password and take over your site.
Everything in the following post can be executed between Cloudflare and your origin server if it’s not secured:
What’s your domain?
www.olivierburnside.com (except www no longer works)
Thanks for your help.
To be honest, pretty much all of this is so unfamiliar to me that it’s really hard to make sense of it all
Well, yes, you don’t have a “www” record and need to add that.
But that record won’t secure your site and you still need to follow through on what was already mentioned.
Why you should choose Full Strict, and only Full Strict has all details on that, on top of what @sdayman already posted.
Right now I am afraid your site is insecure, but securing it is a matter of a couple of minutes. Either get a Let’s Encrypt certificate again or aforementioned Origin certificate.
You really need to find a new hosting provider if they cant handle Let’s Encrypt of one of the many other ‘free’ SSL vendors.
Is there one you would recommend?
Recommend? Did you check out the article?
As already mentioned
I run my own dedicated servers and shell scripts for hosting/lets encrypt - so I can’t recommend one over the other. I can just point you to some examples of places I know will work: (I’m not affiliated with them)
I have friends that use HostPapa (Canadian Hosting company) that support LetsEncrypt just fine.
I work with OVH a lot and they offer a personal hosting service which includes LetsEncrypt. Link