How To Set Up HTTPS With Your Website For Free Using Cloudflare
February 15, 2018 | By Jeff | In Tips & Advice
As you may have heard, it’s starting to become more standard that websites will be expected to be served through secure HTTPS and those that aren’t will be penalized. Google just announced recently, that in their next version of Chrome, non-HTTPS websites will be marked as “not safe” in their browser. So if you don’t want to be “shamed” by Google, it’s probably a good idea to get on the bandwagon and server your site through HTTPS.
Now, you’d think that pretty much all web hosting providers would offer this option to their customers for free, but it’s definitely not the case. Many of them offer no SSL/HTTPS solution unless you pay them an extra monthly or yearly fee, which hardly seems fair. So if you’re stuck with a hosting provider that doesn’t offer a viable free HTTPS solution, and you don’t feel like or have the time to switch to a new hosting company, there is another solution, Cloudflare.
Cloudflare acts somewhat like a “content delivery network” in that all of your website content passes through their servers and then is delivered to the user from the closest and fastest server from where they are. This method of breaking up your content allows for your website to load much faster for whoever is visiting it. It also allows for a much more secure way to serve your site as it also filters out bots and malicious users. It just so happens, they also offer a free SSL (HTTPS) option to serve your website through as well. Here is a better explanation of how it works.
If you are using WordPress for your website, these are the steps to follow to get this to work.
1. Sign Up With Cloudflare
Sign up for the free plan with Cloudflare. Then add your website domain name through their setup. Cloudflare will crawl your website and DNS settings and then give you two nameservers to change for your domain name. You will need to be able to access your account where your domain name is hosted so you can change the nameservers to Cloudflare’s. This will allow all of your content to host through Cloudflare to whoever visits your site.
2. Install These Plugins
You will need to install two WordPress plugins in order to make sure that your website is always displaying the HTTPS version of it when somebody visits it. The first one is the official Cloudflare plugin. The second is the Really Simple SSL plugin.
You will have to login with the Cloudflare app. On the first page, be sure to check “optimize for WordPress” button. On the second page, be sure to check “Automatic HTTPS Rewrites” at the bottom.
4. Set Things Up In Real Simple SSL
You might have to wait a day or so before you will see that SSL is available on your server. This plugin will let you know. On the first page of the plugin, you should see a green checkmark that says SSL is available. Click on the button to enable it. You may run into a few errors, but just refresh, try again until it works. You may also be forced to login again to wordpress. Leave all the default settings. This plugin will also setup 301 redirects, so that if somebody visits the HTTP version of your site, it’ll push them to the HTTPS version. That should be it.
So that’s it. Now you can enjoy the fact that you are safe from the Chrome update and you didn’t have to spend a dime. On a plus, your website is also probably running much faster as it’s being optimized through Cloudflare.