Google has announced that they will count HTTPS as a ranking factor which means if you using HTTPS you will get a higher position in search results. This will automatically increase your Google rank. Thanks to CloudFlare Free SSL feature that allows you to use HTTPS on your blog.
What is SSL?
SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client. In simple words, it creates a secure layer between your server (Website) and user (web browser).
To get your site over HTTPS you need to buy SSL certificates from the providers and install them manually on your server. Installing manually sounds quite a techie. So, here is a good news for those who wants to use HTTPS on their WordPress blogs.
CloudFlare provides free universal SSL certificate that does the exactly same job and it’s easier to setup. It’s a free certificate, and also works with Free CloudFlare accounts. Without paying extra money.
Setting up your free CloudFlare Free SSL
You must have CloudFlare CDN activated for your WordPress blog. If you don’t have it on your blog, read our easy tutorial How to setup CloudFlare CDN for WordPress blog
Once you done with the CloudFlare setup for your WordPress blog follow the following steps:
- Log into your CloudFlare account.
- Go to Crypto from the top menu bar.
- Choose Flexible SSL in SSL option.
It will take minimum 10-15 minutes to activate Flexible SSL. Once it activated from CloudFlare it will show green ACTIVE CERTIFICATE below as shown in the above picture.
Preparing WordPress for CloudFlare’s Flexible SSL
To prepare your WordPress blog for Cloudflare’s flexible SSL you need to install the following plugin.
This plugin is essential for enabling CloudFlare’s Flexible SSL on WordPress. It will prevent infinite redirect loops when loading WordPress sites under CloudFlare’s Flexible SSL system.
Instruct CloudFlare to deliver content via HTTPS
After installing CloudFlare Flexible SSL plugin activate it and go back to your CloudFlare’s dashboard and add a page rule.
- Create a page rule for http://*yoursite.com/*
- In setting choose “Always use HTTPs”.
- Save and Deploy
It will enforce HTTPS for all the URL. Check the following picture showing page rule.
Adding * at the beginning tells CloudFlare to process all the subdomains over HTTPS. * at the end tells to process all sub-directories.
Change WordPress site address
Now, change your WordPress site address (URL) from http://yoursite.com to https://yoursite.com
- Go to the WordPress dashboard
- Settings >> General Settings
- Change site URL
Note: Don’t change WordPress address, keep it as http://yoursite.com. If you change your WordPress URL to “https://“, it will break your site.
Visit your website in a browser and see if there’s a green lock showing on the top left of your address bar.
Fixing SSL Mixed Content Error
If it’s not showing a green lock, it’s due to mixed contents. This happens in rare cases. It’s because some of your plugins or links are not in HTTPS format. Don’t panic if you facing this problem. I got a solution for this too. Just follow the steps.
- Install Really Simple SSL and activate it (Plugin link)
- If you need further changes you can access plugin settings under Settings >> SSL
- Make necessary changes and Save Changes
That’s it, now check your website on a browser, you will see the green lock with “https://” at the beginning of your site URL. This is how you can use CloudFlare Free SSL on your WordPress blog.