Since there cannot be multiple _acme-challenge records, attempting to use SSL with both GreenGeeks and Cloudflare may lead to a situation where one provider cannot issue a certificate for that domain.

The Problem

GreenGeeks and Cloudflare use the same method of _acme-challenge DNS-based authentication for SSL.

Setting the GreenGeeks _acme-challenge records means GreenGeeks will be able to issue the certificate for this domain, but Cloudflare will not, or vice-versa.

Such a configuration can lead to situations where the origin site on GreenGeeks is using SSL. But when visitors access the page in their browsers, they see a security error.

This situation arises because the edge (Cloudflare) is not using the same SSL certificate as the origin (GreenGeeks).

The Solution

For domains using the Cloudflare DNS there’s two potential solutions for securing access to your website via SSL:

1. Set the TXT records manually.To use both the Univeral SSL provided by Cloudflare, and the LetsEncrypt SSL provided by GreenGeeks, you will need to manually set the _acme-challenge TXT within the DNS Zone on Cloudflare.LetsEncrypt certificates are only valid for 90 days, so you’d need to repeat the process regularly.

   For more information on the LetsEncrypt SSL DNS requirements, and setting manual TXT records, refer to our Support Article: https://www.greengeeks.com/support/article/lets-encrypt-installation-process/

2.  Allow Cloudflare to manage the SSL certificate, and use a locally-signed certificate on GreenGeeks.Cloudflare provides a free universal SSL certificate, enabled by default when the Cloudflare proxy service is active.In this situation, it’s best to let Cloudflare manage the Edge certificate and install a locally-signed SSL certificate on GreenGeeks, the origin.

   You can create a locally signed SSL certificate from the Security -> SSL/TLS icon in cPanel, click on the CERTIFICATES (CRT) link, and fill out the boxes provided.

   After installing the locally signed certificate in cPanel, log into the Cloudflare dashboard and adjust the Cloudflare SSL encryption setting to SSL = Full, not Full(Strict).

   Using the SSL = Full encryption, with a locally signed certificate on GreenGeeks, means that all visitors will access a fully secure page using the certificate provided by Cloudflare, and Cloudflare will access the GreenGeeks server, secured using the server-generated certificate.

   While server-generated (self-signed) certificates are just as secure, such certificates are not recognized automatically by the web browser.

   Not being recognized by the browser will not cause a problem since only Cloudflare’s server directly connects to the origin server. Other visitors are served from the Cloudflare network using the Cloudflare-provided SSL.

   Note that you will not be able to use the mail.domain.com hostname for your incoming, and outgoing, email server address in the local mail client as it will not be covered by the certificate.   Use the server’s hostname instead to connect to the mail server securely without an SSL certificate warning.

Cloudflare Encryption Modes:

• Off (no encryption)
  • SSL(HTTPS) is disabled; the site is sent & received via regular HTTP.
• Flexible
  • Cloudflare will access the site via HTTP and present it to the visitor via HTTPS.
  • This behavior makes debugging difficult and does not secure the connection between the GreenGeeks server & Cloudflare.
• Full
  • Cloudflare will access the site via HTTPS; the website must be pre-configured for HTTPS access.
• Full (strict)
  • The same as “Full” but requires a browser-valid-certificate, not a server-generated one.

For more info on SSL encryption modes, refer to the Cloudflare documentation:
https://developers.cloudflare.com/ssl/origin-configuration/ssl-modes/

Contact Support

If you have questions about how to configure your GreenGeeks website in combination with Cloudflare, please open a ticket from within the GreenGeeks dashboard: https://my.greengeeks.com/open-ticket

The post GreenGeeks & Cloudflare – Configure SSL Certificates appeared first on GreenGeeks Support.

The end of support for the Cloudflare partner plugins means GreenGeeks will no longer be able to offer Cloudflare within your cPanel dashboard.

Why did Cloudflare discontinue support for the Cloudflare cPanel plugin?

Due to maintenance and support costs, Cloudflare ceased active development on the plugin some time ago.

This lack of development means that at the software level, the Cloudflare cPanel plugin still depends on legacy elements no longer supported by cPanel, including the Paper Lantern theme and the cPanel v1 API.

How will this impact my domains already using Cloudflare?

There will be no impact on your website resulting from the plugin removal.

GreenGeeks hosted DNS zones previously configured through the Cloudflare cPanel plugin will continue to work.

Domains already pointed to the Cloudflare nameservers will not be affected and don’t need any adjustments.

What does this mean for my Cloudflare account?

If you previously were utilizing the Cloudflare service from your cPanel, you’ll need to manage your DNS records directly from the Cloudflare dashboard.

You can log in to your Cloudflare account from the Cloudflare Dashboard here:
https://dash.cloudflare.com/

If you aren’t sure about the email address or password used for your Cloudflare login, you can reset or retrieve this information from the Cloudflare dashboard:

https://dash.cloudflare.com/forgot-email

https://dash.cloudflare.com/password-reset

Can I still use Cloudflare DNS with my GreenGeeks hosting service?

Absolutely! GreenGeeks allows customers to utilize any third-party DNS service they wish, including Cloudflare.

How do I set up a new domain with Cloudflare with my GreenGeeks hosting service?

New domains need to be configured directly through the Cloudflare Dashboard.

Configure the domain in your GreenGeeks cPanel as usual, then log into the Cloudflare dashboard and click +Add Site at the top.

Go through the step-by-step process to add a new domain and set the new nameservers. Then, re-create any DNS records from the existing zone.

For more information, refer to the Cloudflare documentation:
https://developers.cloudflare.com/fundamentals/get-started/setup/add-site/

Are there benefits to using Cloudflare directly?

Yes! The previously available Cloudflare cPanel plugin only had a fraction of the features that Cloudflare offers, such as Page Rules or country-specific blocking.

Pointing a domain to the Cloudflare nameservers allows access to all of the features and additional control over the DNS, such as sending A-records through Cloudflare (instead of only CNAMES).

Can GreenGeeks re-add this plugin within my cPanel account on a Managed GreenGeeks VPS?

The Cloudflare cPanel partner plugin relies on legacy cPanel components that are no longer fully supported by cPanel.

Thus, even if GreenGeeks could re-install the Cloudflare plugin, it would not function correctly as some of the necessary components have been disabled on Cloudflare itself.

Does GreenGeeks plan to re-integrate Cloudflare?

Although the situation is outside our control, we understand that this change may inconvenience you and your users, and we sincerely apologize for the disruption.

GreenGeeks is exploring alternatives for making Cloudflare available in the future via the GreenGeeks Dashboard without the depreciated cPanel plugin.

If you have questions regarding the Cloudflare plugin, our team is always ready to assist you via Phone, Live Chat, or Support Ticket.

The post Cloudflare cPanel Plugin Deprecation – What You Need To Know appeared first on GreenGeeks Support.

With Always Online, if your server ever goes down, Cloudflare will serve pages from their cache, so your visitors still see some of the pages they are trying to visit. Visitors will see a message at the top of the page telling them that they are in “offline browsing mode.” When the server comes back online, Cloudflare will seamlessly route users back to regular browsing.

If Cloudflare does not have the requested page in its cache, the visitor sees an error page letting them know that the page they have requested is offline.

Important: Please be aware that Always Online has limitations.

To enable Always Online in your cloudflare.com account:

1. Log in to your Cloudflare account.
2. Click the domain you wish to enable Always Online on.
3. Click the “Caching” link on the menu at the top of the page.

4. Scroll to the “Always Online” section and toggle it on or off as needed.

The post What Is Cloudflare Always Online™? appeared first on GreenGeeks Support.

The post Cloudflare Always Online™ Limitations appeared first on GreenGeeks Support.

Activating Rocket Loader will immediately improve a web page’s window.onload time (assuming there is JavaScript on the page), which can have a positive impact on your Google search ranking.

Here are the different settings that can be found for Rocket Loader in your Cloudflare account’s performance settings:

Automatic Mode: Rocket Loader will automatically run on the JavaScript resources on your site, with no configuration required after turning on automatic mode.

Manual Mode: In order to have Rocket Loader execute for a particular script, you must add the following attribute to the script tag: “data-cfasync=’true'”. As your page passes through Cloudflare, we’ll enable Rocket Loader for that particular script. All other JavaScript will continue to execute without Cloudflare touching the script.

Please note that:

• Adding the ‘data-cfasync’ attribute within JS will not work to exclude the script from Rocket Loader.
• The ‘data-cfasync’ attribute must be added before the ‘src’ attribute.
• Rocket loader will recognize the tag when either single or double quotes are placed around the attribute value.

To enable Rocket Loader:

1. Log in to your Cloudflare account.

2. Click the domain you wish to enable Rocket Loader on.

3. Click the “Speed” link on the menu at the top of the page.

4. Scroll to the “Rocket Loader” section and toggle it on or off as needed.

The post What Is Cloudflare Rocket Loader™? appeared first on GreenGeeks Support.

Cloudflare supports wildcard DNS records. Within Cloudflare, wildcard DNS records can be either through the Cloudflare Proxy or DNS-hosted-only.

Can I enable Cloudflare on my root domain (e.g., ggexample.com) that is an A record?

Yes!

When using the Cloudflare nameservers directly, you can enable Cloudflare’s proxy service on A or AAAA records.

While Cloudflare can proxy all types of HTTP traffic, it cannot be used for email and special care must be taken if you are proxying the main domain address to ensure the MX record address is not included in the Cloudflare Proxy.

To implement a redirect to www using .htaccess:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^ggexample.com$ [NC]
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ http://www.ggexample.com/$1 [R=301,L]

NOTE: replace “ggexample.com” in the above example with your actual domain name.

The post Can I enable Cloudflare on a wildcard (*) subdomain? appeared first on GreenGeeks Support.

You can see a list of locations and the status of the data centers on the Cloudflare website.

The post Where Are Cloudflare’s Data Centers Located? appeared first on GreenGeeks Support.

To decide which records pass through the Cloudflare network, ask yourself what kind of content appears on the subdomain. You should enable Cloudflare for any subdomain that gets web traffic. You should not enable Cloudflare for subdomains that handle non-web traffic, such as mail, ftp, or ssh.

The post Are There Domains That Should Not Be Enabled With Cloudflare? appeared first on GreenGeeks Support.

Once you have enabled Cloudflare on your domain, you’ll be able to adjust the Cloudflare SSL configuration settings from the Cloudflare dashboard, or by using the cPanel plugin.

Note that GreenGeeks suggests using “Full” SSL with a certificate installed within your GreenGeeks cPanel to encrypt connections between GreenGeeks & the Cloudflare network.

The post Is Cloudflare Compatible With a Website Using SSL (HTTPS)? appeared first on GreenGeeks Support.

The post Which Types of Websites Can Use Cloudflare? appeared first on GreenGeeks Support.