Table of Contents
Before knowing how to use Cloudflare Flexible SSL in WordPress, let’s see what is Cloudflare and SSL.
Cloudflare is mainly a CDN (Content Delivery Network) provider that has free and premium plans, In addition to that, they also offer other services like DDOS protection, SSL, WAF (Web Application Firewall) and a few more.
Using SSL (Secure Socket Layer) will encrypt all sensitive information transferred between the client and server, here is the correct definition of What is SSL from Digicert, a well-known SSL certificate issuer.
SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser; or a mail server and a mail client (e.g., Outlook).Digicert
SSL allows secure transmission of various sensitive data like username and password, your credit card details while doing some online transactions, etc.
The usual or Non-SSL protocol used while sending the data between browser and web servers is a simple plain text, and because of that, the systems without SSL becomes vulnerable.
Such kind of data flow between a server and browser can be intercepted easily which could be harmful in many ways.
As you can understand that SSL is a security protocol, which enforces encryption for the transmission of information and the links.
In this tutorial, I will show you How To Use Cloudflare Flexible SSL In WordPress. Cloudflare also offers premium SSL however free SSL is more than sufficient for a WordPress blog.
Getting Started with How to use Cloudflare Flexible SSL in WordPress
Create A Cloudflare
To use Cloudflare SSL you must signup for a Cloudflare account and add your website there which is a simple process, click here to signup.
If you already have a Cloudflare account then login into it and see if SSL is enabled in the ‘SSL/TLS’ tab, because in a few cases if Cloudflare has partnered with your host, it won’t allow you to use the Cloudflare DNS and change SSL certificate.
Otherwise, you will have to follow the Cloudflare procedure to add your site.
Step 1 – Enter your site
Step 2 – Choose the Free Plan
Step 3 – It will scan your existing DNS and display it. Review the same and then click Continue.
Step 4 – Now, it will ask you to change your nameservers.
Step 5 – Login to your Domain registrar account and change the DNS (Domain NameServers) from your hosting provider to Cloudflare.
Step 6 – After changing the nameservers, click on Done, Check nameservers. That’s it.
Now after the nameserver verification, Cloudflare will automatically add the SSL to your account.
Keep patient, it may take 10min to 48hrs, totally depends upon the DNS propagation.
Head over this site to check your DNS propagation. Enter your sire and choose the NS record to check the DNS propagation.
Speed up the DNS propagation
Enable ‘Always use https’
Once the Cloudflare shows the status of your site ‘Active’. Head over to the ‘SSL/TLS tab and click on the Edge Certificates option. Now, check ‘Always use HTTPS’ option should be ON.
Fix Mixed Content Issue
Usually even after Cloudflare has cached all static content on your site and SSL is issued which changed your site from HTTP to HTTPS you may not see the green padlock beside your site’s URL in the address bar, this is called mixed content.
This is caused because some files on your site are loaded with https while some aren’t. You can fix this by simply installing the ‘Cloudflare Flexible SSL‘ plugin that you can download here.
Advanced Mixed Content Issue
Installing the plugin specified above should fix this issue but sometimes many other external files may not be loaded via https like affiliate banners or other ads.
In that case, use https://www.whynopadlock.com/ to check which files are loaded insecurely and try to host such files at your server.
This wraps up the guide on how to use Cloudflare Flexible SSL in WordPress.
If you like this guide then please share it and if you have any doubts or problems regarding this then comment below.