icyapril

We are moving away from Guzzle (to WordPress’ in-built HTTP client) so this issue will be resolved in the next release.

Hi Brandon;

Have you tried following the instructions outlined here? How do I fix mixed content issues or the infinite redirect loop error after enabling Flexible SSL with WordPress?

Hi; can you please let us know the ticket number you’re referring to?

Hi Dre;

Do you see anything in your browser console or your PHP log file?

Have you tried installing Mod_Cloudflare on your server? This will rewrite your visitor IPs to be your actual end-user IP addresses, so Cloudflare works transparently.

Hi @syamsq;

Have you reviewed the instructions here: Can I use WordPress caching plugins like Super Cache or W3 Total Cache (W3TC) with CloudFlare?

@linusgr – Disabling the Admin Bar and using Cache Everything to cache anonymous page views isn’t a good idea, there are many vectors for Cache Collisions. By doing this you can leak personal information through vectors like WordPress comment form prefills or bypass logins on password-protected posts. Not to mention any other dynamic functionality by third-party plugins which results in leaking of user info.

If you want to cache anonymous page views, the best way to do this is through a feature called Bypass Cache on Cookie, which allows you to safely use Cache Everything on a WordPress site. For additional information on how to do this, please see:

• Caching Anonymous Page Views at the Edge
• Caching Static HTML with WordPress/WooCommerce

Can you please share what’s in your PHP error log and your browser console?

TL;DR This plugin works fine with PHP 7, nothing to worry about.

As we want to move from Guzzle to the WordPress HTTP API, these warnings will disappear in the next version. We don’t actually use the files which are warned about the compatibility checker – it is perfectly safe to use this plugin on PHP 7 now.

In it’s current form, this plugin attempts to ensure that WordPress is aware if you are using Flexible SSL – this happens without turning on Automatic HTTPS Rewrites. When Automatic HTTPS Rewrites is turned on, Cloudflare will attempt to dynamically replace HTTP with HTTPS where appropriate – however we are very conservative with this behaviour and this will only work on internal or external domains where we are confident the link can be served over HTTPS in a stable fashion. We use data from EFF’s HTTPS Everywhere and Chrome’s HSTS preload list, among others in order to validate this.

If this solution isn’t write for you, you might find @abigailm’s method works great. If you want a less permanent solution, a dynamic HTTP->HTTPS rewriter might work for you. We’ve had luck in the past with the SSL Insecure Content Fixer plugin.

Hi;

Can you please let us know what version of PHP your server is running?

Thanks

As a platform, Cloudflare is designed to work with any website within reason.

This plugin provides some useful features however:
* optimising your WordPress site for performance and security whilst using Cloudflare
* making sure the correct visitor IP address is recorded (e.g. for comments)
* making sure Flexible SSL works transparency
* providing a way to easily access various features
* insight into various analytics

The most common reason for this plugin failing is the lack of having an up-to-date PHP installation – though the plugin supports some older versions of PHP, we recommend using officially supported versions of PHP.

Hi;

We currently don’t use the classes you mentioned (so there is no effect), however we are looking to move away from Guzzle longer term.

To clarify, you can safely use PHP 7.0 with this plugin.

Thanks

Unsure why the plugin would stop this behaviour just by enabling CloudFlare.

However; given we’re now in the world of HTTP/2, concatenating is now bad practice. While concatenation can still improve compression ratios, it forces expensive cache invalidations. Even if only a single line of CSS is changed, browsers are forced to reload all of your CSS declarations.

HTTP/2 reduces the amount of simultaneous HTTP connections by using multiplexing. There is a sole binary data stream to instead of multiple requests.

In order to enable HTTP/2 be sure to enable site-wide HTTPS (e.g. using CloudFlare’s Universal SSL), you can follow some great tips for by reading up on HTTP2 for front-end web developers.

Hi;

Have you tried installing Mod_CloudFlare on your server? Make sure CloudFlare’s IP Addresses are whitelisted on any firewalls or rate limiters you have on your web server (or anything between it and CloudFlare).

Thanks