I’ve used CloudFlare for years and highly recommend it for improved webpage load speed (great for SEO), reduced host server load and, best of all, the awesome security it provides. The free CloudFlare plan is adequate for most small websites and this plan offers outstanding speed optimization and security.
WordPress, CloudFlare and Flexible SSL
With the free CloudFlare plan, Flexible SSL is provided. Flexible SSL means that website traffic between CloudFlare and your website visitors is encrypted via HTTPs. This isn’t full end to end encryption but certainly is better than no encryption at all. In the past however it was sometimes a bit complex getting your WordPress website to be delivered via HTTPs when using CloudFlare.
Easy instructions to use CloudFlare SSL with WordPress
Below are the instructions to get up and going once your WordPress website is delivered via CloudFlare.
What you need
- Admin access to your WordPress Dashboard.
- The CloudFlare plugin for WordPress.
- A free or paid CloudFlare account.
- Your website delivered via CloudFlare.
What to do in CloudFlare
Login to CloudFlare and do the following:
- Click the Crypto icon near the top of the screen then ensure that the SSL option is set to Flexible.
- Click the Page Rules icon near the top of the screen.
- In URL pattern enter your domain name ending with /*.
- Set Always use HTTPs to On.
- Click Add rule.
That’s all that needs to be done in CloudFlare.
What to do in WordPress
Login to your WordPress Dashboard then:
- Activate the CloudFlare plugin for WordPress.
- Go to Settings then CloudFlare.
- Enter the various details details (you’ll need your CloudFlare API key) and make sure Development Mode is set to Off and HTTPS Protocol Rewriting is on.
- Click Update options.
View your WordPress website and Dashboard as you always would. When the SSL becomes active you’ll notice that HTTPs is used when viewing any of your web pages (wait a few hours after completing the steps above to see the results).
Please note that you do not need to activate any WordPress plugin that enables HTTPs or SSL nor add anything to the wp-config.php file as, if you follow the steps above, then CloudFlare will automatically direct all page views to delivered via HTTPs.