Yesterday, Google announced that HTTPs is an SEO ranking factor; if you deliver your website over HTTP TLS / HTTPs you get a bit of extra SEO love by Google and the chance increases of appearing more prominently in the SERPs (Search Engine Results Pages).
Enabling HTTPs delivery of a website can be an expensive and very complex operation. This is especially true if your website shows external content such as a Twitter or Facebook feed or even if you run one of many plugins (including Jetpack). As WordPress websites are great at showing and sharing with external non HTTPs websites, it can be a very arduous task to enable HTTPs on a WordPress website without getting many errors.
Fortunately there is a way of having your WordPress website delivered via HTTPs whilst keeping costs low and it is a really quick and simple solution. Instructions are given below.
CloudFlare Flexible SSL setup
Regular readers will know that I’m a big fan of CloudFlare. Their DNS is super quick, added security provides peace of mind and the CDN is awesome (with servers in Sydney, Australia for extra quick page-load times of your content even if you host overseas). CloudFlare does provide another trick which is part of their paid plans; that is SSL provision in various types. For the purposes of this article we’ll be using the CloudFlare Flexible SSL which means that you don’t need to purchase an SSL certificate for your webserver (and CloudFlare doesn’t charge for providing the Flexible SSL for your site if you have a paid plan).
Here is how to configure and attain your SSL certificate:
- Sign up for any of the CloudFlare paid plans.
- Setup your website to be delivered via CloudFlare (use the WordPress CloudFlare plugin).
- Login to CloudFlare, click next to your domain name then click CloudFlare Settings.
- Scroll down the page until you get to the SSL section and select Flexible SSL from the dropdown.
You’ve now requested a Flexible SSL for your site which will take about 10 minutes to be issued.
We now need to instruct CloudFlare to deliver our content via HTTPs. Follow these steps:
- Login to CloudFlare, click next to your domain name then click Page Rules.
- In the URL pattern field enter http://www.example.com/* (obviously substitute example.com for your domain name).
- Change Always use https to ON.
- Click Add Rule.
That’s all we need to do on the CloudFlare side.
How to setup WordPress to use CloudFlare flexible SSL
We now need to setup WordPress so that all content is delivered by HTTPs. Fortunately this is really quick and easy using the WordPress HTTPS (SSL) plugin:
- From your WordPress Dashboard, install and activate the WordPress HTTPS (SSL) plugin.
- If you have special setting needs then change the settings for the plugin as necessary (most sites don’t need to change the settings).
Your WordPress website content will now be delivered over HTTPs and you’ll benefit from Google identifying your site as using HTTP TLS (i.e. great for your SEO). An added SEO benefit is of course that CloudFlare will deliver your content faster than ever before (page load speed is also a Google ranking factor).
If you need help in setting up delivery of your WordPress website over HTTPs let us know.