I mean makes sense. Your source IP isn’t going to be a CIDR range
I mean makes sense. Your source IP isn’t going to be a CIDR range
LYes
LLbots coming to our website from this address are not recognised as verified bots by cloudflare
LWhat's the reason for this?
L
LI solved the problem, the solution is as follows
LLyou need to whitelist the google ip addresses here one by one
UWould be helpful if you could explain more about what you are using and what the error message is
Lcloudflare just got a new update so I guess that's why
Lsome of the workers projects I wrote were deleted :d
UI highly doubt anything cloudflare did resulted in that otherwise there would be very big outrage in this discord right now and a lot of unhappy engineers having to work to get that fixed asap
USo then they have invalid ssl certs on their end they need to fix. SSL certs dont last forever
LCouldn't it have caused a different problem for everyone?
Lare you using plesk panel @znuff
Ldelete and reinstall the ssl certificate
UIs your SSL encryption mode set to "Flexible"? Thats the only option that will work with no cert on origin
Llet's encrypt ssl is free
CThe IP you provide isn't a CF IP/not from a record proxied by Cloudflare, I assume? It's just their website proxied pointing at a normal server IP
CIf your origin doesn't work over https at all, it would only have ever worked with Flexible. If the origin does work over https, and responds with an invalid (wrong domain, self-signed, etc), but only full and not full (strict)
CJust finding one which is broken would be enough, and seeing if switching back to Flexible fixes it
CFor what it's worth, if you were relying on just Flexible before, it's completely insecure, just faking https
Cahh so it's likely your origin does respond with a cert, but just not one which is trusted
UError 526 only happens when the ssl setting is full ssl (strict) according to dev docs so that is the issue
CAll of your customers use Cloudflare?
CThere is one quirk with Cloudflare you could potentially take advantage of. If the customer proxies a CNAME record, Cloudflare is fine as long as the certificate it responds with contains the requested hostname, or the target hostname. If you have a record like custom-hostname.yoursite.com, all it has to do is have a valid cert for itself.
CIn a perfect world though, you should really be using something like Cf for SaaS/a setup that issues a cert for each customer, like every other provider does