Skip to main content

Blogger HTTPS for custom domain and Cloudflare

In BHF, there was a recent issue related to cloudflare where the browser screams the site is a phishing site. So I thought of writing up how does a service like cloudflare affect your blogger blog.

What is Cloudflare?

Well we have that written all over Wikipedia. Let's go on with why Blogger users look for Cloudflare.

Anciently Blogger users used cloudflare for one simple reason. HTTPS for custom domains.

So what happens when you introduce cloudflare into your domain?
DNS Redirect.

Your custom domain will be configured with the proxy info provided by cloudflare and when the request is hit, DNS redirect happens.
DNS redirect is bad for the site's health.
A number of reasons, but the most important is that some browsers, when it detects a DNS redirection, it thinks that it is a phishing site.

What is a DNS redirect?

I am trying to explain this in easy terms. I'll try not to be too technical. When a custom domain URL is hit, usually the domain requests go to Name servers from where the browser would obtain where the domain points to.

So normally, without cloudflare, when a URL is hit,  it first goes to the respective name server to pull the DNS records. Usually to publish a blogspot address, we add 4 * A records and a CName record.

Let's consider CName alone for instance and so the mapped name is Therefore the www URL request is redirected to and from there Google takes care of the publishing.

When it comes to cloudflare, when the same URL is hit, it first goes to the respective name server to pull the DNS records and turns out www URL will be mapped to an IP address provided by cloudflare. So, the request is redirected to this IP address (this is redirect number 1)

This IP address will be holding the SSL certificates required for HTTPS. Once this IP address receives the request, it redirects it to or one of the four IP addresses. (this is redirect number 2)

(Please note that this is a rough idea and am not sure if just one redirect happens)

What happens when such redirects happen?
  1. Affects your search engine visibility.
  2. Becomes a suspect of phishing site sometimes.
  3. Slows down the speed of your blog as it is through a proxy server.
and so on.

What to do if the blog becomes a phishing suspect?

Three steps to follow and you'll be good,
  1. Remove cloudflare or any other such service.
  2. Setup your custom domain DNS properly with 4 * A records and a CName record.
  3. After doing the above steps, report your blog itself in this link below,
What do we do for HTTPS then?

If you had been a cloudflare-blogger user for a while now, I am aware you are going to ask me what would you do for HTTPS. Blogger itself supports HTTPS for custom domains which I hope should help. Kindly checkout and let me know.

Finally, if you want to know more about debugging custom domain related issues, check out my article below,
How to Blog?: Common issues where custom domain is involved. 

(Image courtesy - & 


Feeds for you

How to secure your Google account and Blogger blog?

As a part of contributions to NCSAM, I am writing this article down on what all should we be aware of with respect to Google's security aspect and how to make sure your blog stays yours forever.
What is NCSAM? It's National Cyber Security Awareness Month which is observed during the month of October every year in America.

However, we all know cyber security is a world topic and is not limited to just the USA. So let me give some tips with respect to keeping the Google account safe and Blogger blogs safe from hackers.

As I secure my account, I hope you people catch up too.

In this blog post, I am going to tell about the following,
Securing your Google account.Securing your Blogger blog. Securing your Google account Since Blogger is also part of your Google account, let's first see what all we need to do to keep our Google account safe. Don't share your password to anyone.Keep changing your password every 60 - 90 days.Make sure your password is strong enough. Have at leas…

Blogger in Draft says "Try the new Blogger!"

It's been long time that I wrote something here. Interestingly there seems to be a new update in Blogger in Draft (