Cloudflare: Common Cloudflare Issues
If you have gone through the instructions and your site still isn't secure or your email isn't working, here are a couple of common reasons:
- The DNS is not correct. (Step 6)
In step 6, it has you compare the DNS in your Homestead account and Cloudflare. If this step was missed, feel free to take a screenshot of the DNS page in Cloudflare and post it here. We will check that the DNS is correct.
If email is not working, make sure the email records are correct in the Cloudflare DNS page. They are suppose to match these records:DNS settings for Homestead email.
Host yourdomain Points to
mx yourdomain 126.96.36.199
mx yourdomain 188.8.131.52
mx yourdomain 184.108.40.206
pop yourdomain 220.127.116.11
imap yourdomain 18.104.22.168
smtp yourdomain 22.214.171.124
mail yourdomain 126.96.36.199
webmail yourdomain 188.8.131.52
email yourdomain 184.108.40.206
Host Type Points to Priority
@ mx.yourdomain 10
Host Type Value
@ v=spf1 ip4:220.127.116.11/24 ip4:18.104.22.168/24 ip4:22.214.171.124/19 ?all
Correct anything that doesn't match.
- Turn the Clouds on next to the DNS for your domain name and for www. (the clouds should be orange)
- The nameservers were not updated properly. (Step 8)
Log into your Homestead account and click the domains tab on the left. Under the domain you are working on, click Edit your nameservers. You will need to click delete next to ns3.mdnsservice.com and then change the other 2 nameservers to the ones provided by Cloudflare. You can't change and delete in the same step, so you will need to click edit twice.
- You need to set the SSL to Flexible. (Step 10)
The first part is now completed. Now, please review the Domain Summary and confirm that the SSL shows Flexible. If it does not, click the SSL option, and select Flexible.
(Note: you can also click Crypto at the top, then select Flexible with the drop-down menu on the right. This should save automatically after you select Flexible)
- It is set up, but you are just checking www.yourdomain.com, not https://www.yourdomain.com. (Step 11)
Over the next 24 hours, periodically visit https://www.yourdomain.com. When you see your site load with HTTPS, please proceed to the next step.
Try adding the https:// before your domain and see if it shows as secure.
- You haven't gone back after 24 hours to finish step 12 and 13
Click on the Crypto button at the top.
In the top section you should now see the status as Active Certificate. On the right side of that section, make sure it shows flexible. You now need to tell all http requests to forward to https. Scroll to the middle of this long page and look for the section entitled "Always use HTTPS" Turn it on. Also scroll to the bottom and find "Automatic HTTPS Rewrites" Turn it on
- You have only followed the 6 steps from the email you were sent. There are more instructions if you go to the link from the email:
**If you have done all of the above, and your site is displaying https:// but isn't "fully secure", common issues include:
- Republish your site. This will often times fix that error.
- Elements on your site are not secure. Common elements include:
hitcounters (these need to be removed, they generally aren't used on sites these days and aren't secure)
HTML elements- you'll need to open the HTML boxes and edit the code to reflect https.
Then republish your site