Cloudflare: Common Cloudflare Issues

If you have gone through the instructions and your site still isn't secure or your email isn't working, here are a couple of common reasons:

The DNS is not correct. (Step 6)

In step 6, it has you compare the DNS in your Homestead account and Cloudflare. If this step was missed, feel free to take a screenshot of the DNS page in Cloudflare and post it here. We will check that the DNS is correct.

If email is not working, make sure the email records are correct in the Cloudflare DNS page. They are suppose to match these records:DNS settings for Homestead email.

                        A RECORDS

Host         yourdomain           Points to

mx            yourdomain             66.96.142.50
mx           yourdomain             66.96.142.51
mx            yourdomain             66.96.142.52
pop           yourdomain             66.96.135.134
imap         yourdomain            66.96.135.134
smtp         yourdomain            66.96.135.134
mail          yourdomain             66.96.135.134
webmail    yourdomain            66.96.135.48
email        yourdomain             66.96.135.48

MX RECORDS
Host Type          Points to                     Priority

@                       mx.yourdomain            10

TXT Record

Host Type   Value

@                 v=spf1 ip4:38.113.1.0/24 ip4:38.113.20.0/24 ip4:65.254.224.0/19 ?all

Correct anything that doesn't match.
Turn the Clouds on next to the DNS for your domain name and for www. (the clouds should be orange)
The nameservers were not updated properly. (Step 8)

Log into your Homestead account and click the domains tab on the left. Under the domain you are working on, click Edit your nameservers. You will need to click delete next to ns3.mdnsservice.com and then change the other 2 nameservers to the ones provided by Cloudflare. You can't change and delete in the same step, so you will need to click edit twice.
You need to set the SSL to Flexible. (Step 10)

The first part is now completed. Now, please review the Domain Summary and confirm that the SSL shows Flexible. If it does not, click the SSL option, and select Flexible.
(Note: you can also click Crypto at the top, then select Flexible with the drop-down menu on the right. This should save automatically after you select Flexible)
It is set up, but you are just checking www.yourdomain.com, not https://www.yourdomain.com. (Step 11)

Over the next 24 hours, periodically visit https://www.yourdomain.com. When you see your site load with HTTPS, please proceed to the next step.

Try adding the https:// before your domain and see if it shows as secure.
You haven't gone back after 24 hours to finish step 12 and 13

Click on the Crypto button at the top.

In the top section you should now see the status as Active Certificate. On the right side of that section, make sure it shows flexible. You now need to tell all http requests to forward to https. Scroll to the middle of this long page and look for the section entitled "Always use HTTPS" Turn it on. Also scroll to the bottom and find "Automatic HTTPS Rewrites" Turn it on
You have only followed the 6 steps from the email you were sent. There are more instructions if you go to the link from the email:
https://community.homestead.com/homestead/topics/can-i-secure-my-homestead-website-with-https

**If you have done all of the above, and your site is displaying https:// but isn't "fully secure", common issues include:
Republish your site. This will often times fix that error.
Elements on your site are not secure. Common elements include:
hitcounters (these need to be removed, they generally aren't used on sites these days and aren't secure)
HTML elements- you'll need to open the HTML boxes and edit the code to reflect https.
Then republish your site

Responses

spindys

25 Messages

•

674 Points

4 years ago

Hello, I wanted to check that the DNS is correct for my site. Its been online for years and was secure, but now not secure. Trying to figure out the issue and thought you could help. Was directed to this post and to call for help on set-up. With my schedule it may be hard to call until next week, but would like the site up as soon as possible. I've added photos of my cloudfare DNS records for review. Appreciate any assistance. Thank you,

Image httpsd2r1vs3d9006apcloudfrontnets3_images1845093RackMultipart20200729-103372-dsw029-page3_inlinejpg1596018661

Image httpsd2r1vs3d9006apcloudfrontnets3_images1845094RackMultipart20200729-105386-171mpqc-page2_inlinejpg1596018676

Image httpsd2r1vs3d9006apcloudfrontnets3_images1845095RackMultipart20200729-84224-t42aas-page1_inlinepng1596018730

Image httpsd2r1vs3d9006apcloudfrontnets3_images1845092RackMultipart20200729-107455-1uku0ga-Spindyscom_error_inlinejpg1596018646

0

michelle_c

7.6K Messages

•

106.7K Points

4 years ago

If the site is at Homestead the A records need to be adjusted, remove these and alter the last one to point to 108.167.135.83.
Image https//d2r1vs3d9006apcloudfrontnet/s3_images/1845103/18526-18iucbs_inlinepng1596030135

Image https//d2r1vs3d9006apcloudfrontnet/s3_images/1845103/18526-18iucbs_inlinepng1596030135

Also remove these extra records.

Image https//d2r1vs3d9006apcloudfrontnet/s3_images/1845104/11688-11knou3_inlinepng1596030173

The end should look like this, with your records displaying websites057.homestead.com for * and www.

0

louray2765

36 Messages

•

476 Points

so websites043.homestead.com is no longer valid?

Like

Reply

4 years ago

0

louray2765

36 Messages

•

476 Points

4 years ago

After moving to Cloudfare my email no longer receives email... it no longer shows up in Roundcube (last message 3/22 when I've been receiving email since then)... it's neither in the IMAP inbox nor in Roundcube. Cloudfare is doing something.

(edited)

2

0

louray2765

36 Messages

•

476 Points

Figured it out... updated to .134 and changed everything to DNS only as shown in michelle_c's screenshot

Once I did that and deleted and readded IMAP all was well. Unfortunately, any email from 4/2 seems to be lost forever.

(edited)

Like

Reply

4 years ago

0

michelle_c

7.6K Messages

•

106.7K Points

Hello,

If the nameservers for this domain are currently pointing to Cloudflare please verify all the email dns reords are added to Cloudflare to enable the email. Here are the records that should be added to the CF dns. https://community.homestead.com/conversations/email-support/dns-records-for-homestead-email/5f2a9b2c58180958845d0015

Like

Reply

3 years ago

0

michelle_c

7.6K Messages

•

106.7K Points

Any emaisl sent while the email was down would have gotten bounced back to the sender and they are aware that it didn't come through, it is now at their discretion to resend the email.

Like

Reply

3 years ago

0

L

lisa5877

7 Messages

•

140 Points

3 months ago

Hi thank you. I don’t know if this is what you mean by dns records but this is what’s listed it also says I have to turn off Dnsecc but I don’t know where to do that. I am really lost here so any help greatly appreciate it

A(Proxied | auto TTL)

email.thespeedwalkingdog.compoints to 66.96.135.48.