Troubleshooting Cloudflare Issues
Cloudflare is a reverse proxy service that can help to secure and speed-up your sites. While SpinupWP is fully compatible with Cloudflare, there are a few Cloudflare settings that can cause problems. This doc aims to outline those problems.
Too Many Redirects
If you’re receiving the
ERR_TOO_MANY_REDIRECTS error when accessing your HTTPS enabled site that is being proxied through Cloudflare, it’s likely that you have SSL set to Flexible. This should be set to Full (strict), which will ensure connections to your site are fully encrypted end-to-end.
The SSL setting can be found under the SSL/TLS tab.
Unable to Verify DNS
When deploying a HTTPS site via SpinupWP, we first verify that DNS is correctly configured so that a Let’s Encrypt certificate can be generated. To verify DNS, we place a file on your server and check that it’s accessible via the site’s domain name. This allows us to verify DNS, even when you’re using Cloudflare’s proxy services, which hides your server’s IP address.
For this check to succeed, your domain name must be reachable over a standard HTTP connection (port 80). If you have Always Use HTTPS enabled, this will cause DNS verification to fail. We recommend that you disable this setting, as SpinupWP will automatically configure HTTP to HTTPS redirects for you once your site has been deployed.
The Always Use HTTPS setting can be found under the SSL/TLS > Edge Certificates tab.
Unable to Renew Your Https Certificate
If you receive a SpinupWP email informing you that we couldn’t renew your HTTPS certificate, it might be because your Cloudflare Firewall configuration is blocking Certbot requests. Certbot is the tool installed on your server which obtains certificates from Let’s Encrypt and auto-renews them.
The first thing to check is whether “Bot Fight Mode” is enabled and disable it. This can be done from the Firewall -> Bots area in your Cloudflare account for the given domain. If it is enabled, you can disable it by toggling the switch to the right of “Bot Fight Mode”.
The other thing to check is whether you have a Firewall rule enabled which blocks bots. Click on Firewall -> Firewall Rules, and see if you have a rule enabled that may be blocking bots. If you see a rule which has the “Block” action and a description that includes “Known Bots”, try disabling it from the toggle on the right-hand side of the rule.