I’m already using CloudFlare for https
Have you turned on “Force HTTPS” setting? If you don’t do that I believe it will accept traffic from http as well with obvious results …
Cloudflare is not real HTTPS.
You need to have https turned on at your server, not at an intermediate site that is proxying traffic to your server.
You could conceivably use firewall rules to disallow allow access to your site from IPs that are not Cloudflare. As long as accessing your site via its IP number returns data, you will be susceptible to this problem.
Always HTTPS ON.
And my DNS setting show image.
All settings are OK, what is missing
Follow the instructions here:
I am using CloudFlare for both cdn and dns settings. Do not have a solution for Cloudflare
If you follow those instructions and set up Let’s Encrypt all the other domains will redirect to your real one (or give SSL errors), rather than continuing to be duplicate content.
You might check this topic: Using Cloudflare, should the Name Server use Cloudflare settings, or stick with the host servers settings?
There is no problem with my settings my friend.
My friend there clearly is something wrong with your settings cause your HTTP should redirect to HTTPS with HSTS headers.
This is why we recommend using our official SSL support and not cobbling up hacks
It’s got nothing to do with CloudFlare, it’s to do with your SSL configuration on the server, or lack of. You need to follow the guides here to enable letsencrypt on your server, then that other site will stop working, or redirect to the correct url.
Once that’s done you can also change CloudFlare to full/strict SSL mode.
full/ strict mode on but my site gives a 502 error cloudflare.
Because you need to enable let’s encrypt first.
Full/strict makes it use a secure/SSL connection between CloudFlare and your server. The lower options just use a plain unencrypted connection. Because you haven’t enabled let’s encrypt (or some other form of SSL) on your server CloudFlare can’t establish a secure connection so will give an error.
I do not understand what they said. let’s encrypt is not installed by mail anymore, how can i install letsencryp.
Turn off cloudflare so that your domain name resolves directly to your server.
./discourse-setup again and provide your email address for Let’s Encrypt.
Notify: I use cloudflare.
WARNING:: This server does not appear to be accessible at ***.com:443.
A connection to http://** (port 80) also fails.
This suggests that ***.com resolves to the wrong IP address
or that traffic is not being routed to your server.
Google: “open ports YOUR CLOUD SERVICE” for information for resolving this problem.
You should probably answer “n” at the next prompt and disable Let’s Encrypt.
Notify: Let’s Encrypt cannot work if CloudFlare intercepts connections. That’, and a link I provided above are why I said to disable cloudflare.