Jump to content

Using CDN


Recommended Posts

Hello, I don't know why its so difficult now to use cdn..  Have used cloudflare before but now after changing my Nameserver to cloudflare it shows error.. I changed my Nameserver to gcore cdn, it keep saying the site can't provide security ssl, I don't know may be its because gcore cdn uses letsencrypt too.. I prefer gcore

Link to comment
Share on other sites

6 hours ago, wolstech said:

Cloudflare is supported and should work just fine. What is it doing when you try using CF?

As for gcore, I've never even heard of that, and there's no official support for it 

Browser and CF working fine, Host = Error…. May be I need to wait 24hrs for it to work fine

Link to comment
Share on other sites

We also just bulk-unblocked the France CF data center (it was blocked in the firewall automatically due to bots sweeping sites for WP installs to hack) That was probably the actual issue.

Edited by wolstech
Details
  • Like 1
Link to comment
Share on other sites

I tried to use another CDN apart from CF, the cdn site also use letsencrypt as their ssl but unfortunately for me am unable to use their ssl.. Getting error, now I have deleted letsencrypt from my end but still not working.. I was told to do this from their support 

 

Can't get Let's Encrypt certificate

Check whether the rules you created overlap the path "/.well-known/acme-challenge/<TOKEN>". This is the path for issuing a certificate, in many cases, such a rule (for example, with the path "/.*") does not allow issuing the certificate. Disable the rule, get the certificate, and enable the rule again.

 

I don't know how to do all that…  Pls help

Id: Ojplanet 

Server:  Tommy

Link to comment
Share on other sites

Did it give you a file to upload into that folder? There should be a text file you upload to a specific folder path on your domain to validate the domain for the certificate. Also, be aware that last I was aware, the validation files need to be accessible over plain HTTP, so may you need to remove SSL redirects. They can't get the certificate either because you didn't put the challenge file on the server correctly or because plain HTTP didn't work. Note you're probably going to have to do this manually every 90 days if you're using LE on an external service as opposed to just pointing your domain directly to us.

That stuff related to rules is related to features on their service, we can't provide any support for that since it's not ours.

If you're curious, the reason CF "just works" here because CF is its one of the few (only?) CDNs that is also its own CA with a widely trusted intermediate root certificate. CF doesn't need a service like LE for certificates because of that...CF can just issue itself a certificate and everyone will trust it. 

Link to comment
Share on other sites

Hi @ojplanet,


It is kind of impossible to help you without knowing what errors are being thrown.

Trying their instructions and then coming here without letting us know the entire history of your issue makes us unable to provide assistance.

Regarding that message you copy-pasted, it is talking about rules that you may have created at Gcore, meaning it has no relation to where you are hosting your website. We also have absolutely no way of knowing which rules you (may have) created at that CDN, as it would require access to your account's dashboard.

As far as I could check from the page that your copy-pasted message linked, it is necessary to create a rule with the system template "Let's Encrypt HTTP-01 challenge", as it will create a proxy from yourdomain.com/.well-known/acme-challenge/TOKEN to Gcore's generated token so you can get a Let's Encrypt certificate through them without your webserver (in your case, HelioHost) gets involved.

Unfortunately, as a non-Gcore services user, this is the furthest I could go with the information you gave us.

Link to comment
Share on other sites

And if he does create the rule to allow their certificate to issue, our server may not be able to get a certificate since it needs to be able to check the same path (all LE certificates look for verifications in that acme-challenge folder) which is now being redirected away from our server by the CDN.

Depends how specific the rule is I suppose.

Link to comment
Share on other sites

On 3/3/2023 at 3:42 PM, ojplanet said:

After I mistakenly delete htacess, I can't use gtmetrix to analyze my site anymore… it showing forbidden error 403

Screenshot_20230303-193559.thumb.png.7c2499c592091ac55aa585fb703fab7b.png

Could you please post that screen without it being mirrored and upside-down?

Please also post new, unrelated to this topic subject, questions/issues into a new topic(s), so we can keep our forums organized.

 

PS.: I moved the topic to the "Website Management and Coding" section as it was a question unrelated to HelioHost services but to Gcore services.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...