setup SSL/TLS encryption HELP from DNS bought from cloudflare
I want to setup my website soon. I noticed that my SSL is not setup automatically. Can someone help me ?
85 Replies
@CosmosisT
Under Attack Mode is active :NotLikeThis:
Where are you stuck? This is not really specific, have you tried anything?
I think i need to set the SSL/TLS up
I dont know how to. I don't know I maybe encountering a bug?
@CosmosisT
@CosmosisT
Oh no bug, just setting up essentially.
So have you generated your SSL with CloudFlare for *.agileathena.com/
I couldn't add another * (discord code is weird)
yes. It is not secure tho
Do you have the files for the SSL (don't share them).
I dont know what that is
Where do I get that? @CosmosisT
Uh been a while since I collected mine but it's I believe through SSL>Origin Server
You create a certificate and download your files and the server code you should set to run the certs over HTTPS.
reject anything port 80 or HTTP.
@CosmosisT This
Yeah
That looks right
Can i sent you a Pvt DM?
Now this leads to sensitive data; do save everything cause some things may be needed still
but don't share too much of that.
You can but good practice is never do that again, I don't personally want cert access/etc or anything malicious to do with sites.
But so you know you should learn this process on your own!!!!!!!!!!!
I just want to prepare this. I thought it is automatic!
No no
Cause you'll gain files that help with the cypher/encryption process
So youre servers will need these certificates
This will applly to all my sub-websites?
It's a secret/secure method for encrypting traffic, so yeah we need to do this process and get use to doing it yearly in some cases with CF they have a layered method so they'll switch the SSL mid-layer.
The SSL will apply to anything you have proxied in DNS.
So if it's under cloudflare protection it'll work.
is it in developers documentation?
I'm sure it is
When you turn off CF proxy in DNS for a record it's on you to provide an SSL/etc.
Otherwise if proxy is on with DNS records they all can use the certificate as long as they operate on the ports/protocals they allow.
How long is the process for this to get activated?
Immediate generally.
Can you walk pls me through?
But that's given you know how to setup so possibly 2 hours tops?
with you? I doubt it
Well the domain server, or the main server do you have abiliity to set HTTPS
Not sure your setup but can you easily set HTTPS and set the certificates?
Nope, but it seems like it is done step by step
I haven't done that before
Hmm, what kind of service are you using to host the server?
WEbsite first to SaaS
To clear this, your domain it's established or configured with cloudflare?
The name servers are set and all sorts properly?
no because I bought this directly from cloudflare. Namecheap has that defined
Not sure if you bought domain with cloudflare but getting an idea of the setup.
Okay so domain is bought with CF so it should be defaulted.
that's one step out of the way, so your actual server hosting the services does it have a control panel or root acess?
Did you mean this ...
Perhaps code you can modify?
not sure
yes
I bought that site. It is active but not secured
Do you have a server for it?
A domain name is just a domain name.
I dont have a server
So you just have a domain name.
yes
Is it included?
No no
There are some free products you may use but ideally you may want to buy a server
or a pre-managed service
like from firebase, etc?
Many o ptions
What are you trying to host?
Where do you recommend?
A domain name is a great start, but now need to consider servers or a service you can route with your sites DNS now.
Well I need to know what you plan to host to recommend.
A microservice like Netflix style but not videos but documents like templates to sell
Im thinking shall I do it directly as SaaS or website first
You should tinker around with what works to learn the basis
You've seen wordpress sites, does that work?
I had this www.savvymedipedia.com
Just need to learn a bit of CPanel for a little bit till you can go a bit crazy with development.
i created this
www.savvymedipedia.com
So you should know then how to generate SSL, apply it to your HTTPS service.
I used netlify
They do that for me
Those are managed services
they make it easy so for you, you need to find a service that can let you do that and you get a direct IP.
This however may require some know how... :X
what should I learn? Maybe i just use manage services then 😦
Well for the server part it depends, you can get a server with full terminal/root access and have to set everything up yourself and if confused can be compromised.
You can get a managed service that should be able to provide direct IP and as well secure this for a safe/secure wordpress setup.
Which cloudflare does
can i easily transfer my code from wordpress to saas?
That's a different question, I wouldn't know fully CF gots tons of products.
They have a lot
Oh gosh. what do i do now with this domain name
Open new topics and google for that, your SSL though generate it and save all information/files.
you can do tons; you bought it for a reason.
Im happy but how ? It sounds complicated
Is this the best source to start? -https://developers.cloudflare.com/learning-paths/get-started/security/secure-origin/
Cloudflare Docs
Secure your origin · Getting started · Learning paths
Your origin server is a physical or virtual machine that is not owned by Cloudflare and hosts your application content (data, webpages, etc.).
I have a knowledge gap from this
Adding domain to CF is easy
Your domain is on CF already it's ready; the DNS is awaiting records to work with your server.
Issue is you don't have a server running just yet.
So you just need a managed server that you can change certs and do simple stuff. Nothing to insane
I see. Great points. Thank you 🙏🏻🙏🏻
You'll get an IP to the server, you set an A record if IPv4 or AAAA if IPv6 and send domain to that address via proxy and have that server use the certs you gen with cloudflare and enjoy.
I am heading out for a while I hope you sort it. CF may offer free services you can link DNS to I'm not entirely sure.
Thank you so much. NAmecheap has that for me. Why not CF? 😦
Have a good day!
I use namecheap as a domain name, just have it linked to CF.
I assume you may be able to link their product same way.
I see. Shall I buy another one? Buy it from namecheap then CF?
Ask more questions and figure it out.
I am old-school, I buy VPS and cloud computing galore.
I see. ok. That's helpful still
CF is an augment to you
You just need to be able to safely assign a DNS record to the server and the server hosting the certs.
Did you see their workers AI?
It's a firewall for me which requires the SSL.
I hope not a long process
I don't use much more of the products, I need high demand applications.
Like?
I have to design my own gateways and all sorts and custom CDNs.
Cool
Are you in cybersecuirity?
But the process for you is very quick if you have what you need but learning process is a bit much.
You just need a server now that supports you using your own SSL/etc, all the fun. Provides IP to set an A, or AAAA record.
lol.
Anyways have a fun day, I hope you sort things do ask more questions. I must step away for a bit.
OK, take care.
What is funny to be in Cybersecurity?
Oh nothing, it's just much more than that.
But not that uh, "fancy".
Full-stack developer but security was taught day one.
Where?
where?
yeah but it is important. How do you see security in DevOpsSec using ReactJS stack?
? I got a 403 code from stumblechat 😦
Anything can be compromised if code is slightly wrong.
I have to tend to stuff so GL. Stumble is strict.