Cloudflare is the world’s largest free CDN service that offers a lot of advantages. One of the best at this time is a feature to prevent DDOS or attacks on websites. But did you know that Cloudflare basically also provides free SSL or HTTPS?
Actually, it’s not just Cloudflare, but there are several other providers, such as LetsEncrypt. But what makes Cloudflare different is the way it is set up, which is easier and website owners don’t have to spend a dime to buy an SSL certificate.
In this article, we will explain how to activate the free HTTPS. But first make sure that the website you are managing now connected with Cloudflare.
Using Free HTTPS from Cloudflare
There are several methods to activate this free SSL, but in this article we will explain the easiest way. That is using options Flexible SSL. So you don’t need to install a certificate on the server. Just follow the steps below.
1. Set Flexible SSL Mode on Cloudflare
Please login to Cloudflare and click on managed domains. Next to the menu SSL/TLS and activate on mode Flexible.
The way this Flexible Mode works is that it only encrypts the browser. And even so, the website will later be accessible from the HTTPS protocol even without installing a certificate. This is what I mean by easy way.
2. Set Page Rules Against Main Domain
The website should now be accessible via the HTTPS protocol. However, you only need to set a little more, so that the website cannot be accessed from HTTP. Namely using the Page Rules feature of Cloudflare.
Please open the Cloudflare dashboard and navigate to the managed domain. Next click menu Page Rules and continue clicking the button
Create Page Rule.
In the domain field, fill in as follows:
And then the setting below it, set it as Always Use HTTPS. Here’s an example image:
If it is set, don’t forget to click the button
Save and Deploy to save it. And after that the website will now be directly switched to HTTPS if someone accesses it from HTTP.
Actually you can also directly set it from htaccess to do redirect the site protocol, but I think using the method above is much faster and less complicated to do.
3. Check HTTPS Status on Browser
The last step is to check the HTTPS status on the website. This can easily be done from a browser. If on Chrome, please click on lock icon in bound domain. If a notification appears Connection is Securethen the SSL on the website is fully functional.
Alternatively, you can use the services of SSLShopper. They provide a feature to check the SSL status of the website. Want to try it? Please go directly to the SSL Checker page.
Also read: 7 Benefits of Using Cloudflare for Websites
The above method applies to all types of sites. But if you are using WordPress, it can be even easier with the help of a plugin called Flexible SSL for CloudFlare. As long as you set it up correctly, HTTPS will be active without any problems.
And one more last thing, if you want to remove SSL from CloudFlare, also make sure to clear the Page Rules so that the website doesn’t crash.redirect continuously. Because the role of the Page Rules of the above method is very important, in order to redirect HTTP to HTTPS easily.
Also, if you’re on WordPress, you’ll need to change your site’s URL to an HTTPS prefix for everything to work properly.
Hopefully useful and good luck