Help with SSL Cloudflare
-
So, I tried linking my Lemmy instance akaris.space but it says the ssl handshake failed and i can't seem to figure out what went wrong.
How are you using Cloudflare, and what are you serving the lemmy instance on? I'm guessing it is due to the ssl mode chosen as said before
-
How are you using Cloudflare, and what are you serving the lemmy instance on? I'm guessing it is due to the ssl mode chosen as said before
You want to use flexible ssl/tls for starters, doubtful it will work otherwise. Log in to cloudflare, choose domain, then SSL/TLS and see if encryption is set to flexible. See what that gets you, though it can take 15 mins for effects to show up. As long as the server can be reached cloudflare will try and match a certificate so lemmy gets served, as long as the server is set up correctly and the ports etc. are correctly forwarded and open
-
How are you using Cloudflare, and what are you serving the lemmy instance on? I'm guessing it is due to the ssl mode chosen as said before
I'm using it to set a tunnel, and lemmy instance is yunohost. since my domain is on porkbun, it says now "parked on the bun"
-
https://developers.cloudflare.com/ssl/origin-configuration/ssl-modes/ you could use a less strict mode here
I have, thanks, now it shows "parked on the bun"
-
So, I tried linking my Lemmy instance akaris.space but it says the ssl handshake failed and i can't seem to figure out what went wrong.
wrote last edited by [email protected]Set the SSL mode to "Full".
Then go to "Rules" and create three rules. This is also the order in which they should be processed:1. Name: lemmy u all Custom filter expression: URI path equals /u/* All other options disabled.2. Name: lemmy nodeinfo all Custom filter expression: URI path equals /nodeinfo/* All other options disabled.3. Name: lemmy inbox all Custom filter expression: URI path equals /inbox/* All other options disabled.This should get your instance running behind Cloudflare's tunnel.
*edited for formatting
-
Set the SSL mode to "Full".
Then go to "Rules" and create three rules. This is also the order in which they should be processed:1. Name: lemmy u all Custom filter expression: URI path equals /u/* All other options disabled.2. Name: lemmy nodeinfo all Custom filter expression: URI path equals /nodeinfo/* All other options disabled.3. Name: lemmy inbox all Custom filter expression: URI path equals /inbox/* All other options disabled.This should get your instance running behind Cloudflare's tunnel.
*edited for formatting
What do I put for "rule type" on Cloudflare? ex: redriect or route request, transform request/response, modify configurations
-
What do I put for "rule type" on Cloudflare? ex: redriect or route request, transform request/response, modify configurations
Oops sorry about that, you want them all as configuration rules
-
I have, thanks, now it shows "parked on the bun"
What is porkbun, your hosting provider?
-
What is porkbun, your hosting provider?
The site I bought the domain at :3
-
Oops sorry about that, you want them all as configuration rules
wrote last edited by [email protected]Thanks
-
Thanks
Hope it helped!
-
Hope it helped!
what action do i put, i put ssl, idk
-
Hope it helped!
but maybe not because it still says the handshake failed
-
what action do i put, i put ssl, idk
I've left all of the actions off
-
I've left all of the actions off
oh, how do u do that? it says i must have an action
-
I've left all of the actions off
action parameters are required for the set_config action
-
oh, how do u do that? it says i must have an action
So sorry, it's been a while....
Add the following actions:- Browser integrity check (Then turn off)
- Disable RUM
- Disable Zaraz
- Email Obfuscation (Then turn off)
- Fonts (Then turn off)
- Hotlink Protection (Then turn off)
- Opportunistic Encryption (Then turn off)
- Rocket Loader (Then turn off)
-
So sorry, it's been a while....
Add the following actions:- Browser integrity check (Then turn off)
- Disable RUM
- Disable Zaraz
- Email Obfuscation (Then turn off)
- Fonts (Then turn off)
- Hotlink Protection (Then turn off)
- Opportunistic Encryption (Then turn off)
- Rocket Loader (Then turn off)
Thanks so much!! This will totally help me and I'll tell u the results
-
Thanks so much!! This will totally help me and I'll tell u the results
wrote last edited by [email protected]the domain says parked
-
The site I bought the domain at :3
I think you pointed Cloudflare DNS records at the wrong thing. You can PM me if you're afraid to post details here but you should point Cloudflare at your hosting provider, or your home IP if you're hosting at home, not the place where you bought the domain.
