While testing the new Cloudflare settings, I decided to activate the flexible SSL option and go full HTTPS with getButterfly.com. After setting up everything and moving the site to HTTPS and changing all links and installing a Cloudflare redirection plugin, I discovered that certain site checkers were not able to access the site. Some locations in US, Canada and Asia were restricted. After a bit of investigation, I learned that Cloudflare is a bit aggressive when blocking potential threats.
Going back from HTTPS to HTTP is a loaded gun, as the connection between user and server is done before accessing the site, so there was no way for me to redirect HTTPS requests to HTTP (the opposite is possible). Being able to do so would be a serious security risk, as requests would be intercepted before returning the site’s content.
So I went back to HTTP, lost several HTTPS backlinks in the process, but now the site gets an A grade in most site checkers. When the time will come, I’ll get a full SSL certificate.
The bottom line here is don’t get a free, half-assed SSL certificate. If it’s free, then it’s too good to be true. And if that’s the case, then it’s, indeed, too good to be true.
Once a week or so we send an email with our best content. We never bug you, we just send you our latest piece of content.
If you found any value in this post, agree, disagree, or have anything to add - please do. I use comments as my #1 signal for what to write about. Read our comment policy before commenting! Comments such as "Thank you!", "Awesome!", "You're the man!" are either marked as spam or stripped from URL.