If you want to migrate your WordPress site from HTTP to HTTPS, then you require an SSL Certificate. Now it has become necessary for WordPress bloggers to secure their sites using SSL Encryption. Cloudflare offers flexible & free SSL Certificate for small websites which is easy to implement. HTTPS, on the other hand, helps in encrypting all transmitted data and thus protect it from getting hacked by any external host or network. In this post, I will be sharing the complete guide to Setup Cloudflare Flexible SSL Certificate for WordPress.
In case you don’t know a bit about SSL certificates, you might enjoy reading this article >> All That You Should Know About SSL Certificates.
Now I’m going to answer a question that many of our readers asked us this month, do SSL Certificate affects Search Engine Rankings?
Yes! Now Google is counting HTTPS as a Search Engine Ranking Factor. It means that if you are using HTTPS on your WordPress blog, then your website will be considered as a safe to use (by Google), and thus it will increase your chances of ranking high in search results.
Years ago, SSL certificates were too expensive to buy even for bloggers, but now it has become feasible due to Cloudflare’s free services. You are free to use Cloudflare’s flexible SSL Certificate on your WordPress site or blog. It requires small modifications to your WordPress site settings which are quite simple.
How to Setup Cloudflare Flexible SSL Certificate for WordPress?
Cloudflare is an American based company which provides a content delivery network (CDN), Internet security services and distributed domain name server services. Here at 3nions, we are using Cloudflare CDN and DDoS protection services.
To start using the Cloudflare Flexible SSL Certificate on WordPress, firstly, you need to create a free account on Cloudflare. It is very easy to set up and activate Cloudflare services on your WordPress site. Just follow the steps given below:
- Sign up on Cloudflare and enter the essential details.
- Now add a new website and click on scan button. It will automatically scan and grasp all your domain records.
- Select a free website option.
- Now Cloudflare will provide you two different Name Servers which you have to enter it in the place of your existing name servers.
- For that, just login into your web hosting/domain account and open “Manage DNS” option. Under that, you will find Name servers.
- Change the existing Name Servers with those provided by the Cloudflare. That’s it. Now Cloudflare will take some time to verify your website.
- After the verification process is completed, you are ready to add Cloudflare Flexible SSL Certificate on your WordPress site. Now open the “Crypto” option from the row of icons in your Cloudflare’s dashboard.
- Under Crypto, you will find the SSL Certificate option. Select the Flexible SSL from the drop-down menu. Cloudflare usually takes around 15 minutes to issue a Flexible SSL certificate for your domain name.
- After some time you will get your Cloudflare Flexible SSL certificate activated. You can ensure that by locating the green badge of “ACTIVE CERTIFICATE” under the SSL Certificate option. Refer the screenshot above for more information.
Setting up WordPress for Cloudflare Flexible SSL Certificate
NOTE: Before making any changes in your WordPress dashboard, Don’t change your site address from HTTP to HTTPS, otherwise, you will crash your site.
For activating HTTPS on your WordPress site, Cloudflare requires the installation of two plugins. Without installing these plugins, the Cloudflare flexible SSL Certificate won’t work on your WordPress site.
Cloudflare Flexible SSL WordPress Plugin
This plugin is crucial for enabling Cloudflare flexible SSL Certificate on your WordPress site. It helps in fixing the infinite redirect loops when loading WordPress websites under CloudFlare’s Flexible SSL system.
This plugin don’t require any settings. Just install and activate it from your WordPress dashboard.
WordPress HTTPS (SSL) Plugin
WordPress HTTPS (SSL) Plugin is the best SSL plugin for WordPress. Not only Cloudflare, but any SSL certificate can be easily integrated into your WordPress site using this plugin. Any other details about the plugin installation would be found here. This plugin will force WordPress to use HTTPS on all the links and pages of your website.
WordPress HTTPS (SSL) Plugin Installation and Configuration Settings
- Install the plugin from WordPress Dashboard > Plugins > Add new.
- Go to HTTPS from your WordPress main menu.
- In HTTPS settings, please select the “Yes” option for proxy settings and leave the other options as it is.
- After that just hit the “Save Changes” button. For more information, refer to the screenshot given below.
Setting up Cloudflare to address HTTPS on all the web pages.
Now you are just one step away for adding Cloudflare flexible SSL on your WordPress site. Login into your Cloudflare account and go to Page rules from the row of icons.
Page Rules let you control which Cloudflare settings trigger on a given URL. So here you have to add a new Page rule which will let you enable HTTPS on your WordPress site.
- Login into your Cloudflare account and go to “Page Rules”.
- Now Click on “Create Page Rule”. Cloudflare offers only three Page Rules per website in a free account.
- Enter your Site URL as a Page rule between two *–* asterisks. For example, http://*www.3nions.com*. If your site address doesn’t have a “www”, then write it without “www”.
- In settings, turn on “Always use HTTPS”.
- Keep the trigger order as “First”.
- Now save the Page Rule by clicking on “Save and Deploy” button. Refer the screenshot below for reference.
Changing your WordPress Site Address (URL) from HTTP to HTTPS
It is the final step in which you have to change your WordPress Site Address (URL) to start using HTTPS on your site.
- Go to your WordPress General Settings.
- Now you have to change your Site address from “http://” to “https://” to start using Cloudflare flexible SSL in WordPress. Please do not attempt to change the WordPress Address (URL) and leave it as “http://”. See the image below for reference.
NOTE: Do not make any changes to your Site Address (URL) before installing and activating the Cloudflare Flexible SSL WordPress Plugin. Otherwise, it will break your site. If you change your WordPress Address (URL) to “https://”, it will crash your site, and it won’t work.
- If your WordPress site is taking sensitive data from visitors like bank transfer, online purchase, email registration or login, adding SSL certificate is critical.
- Currently, SSL Certificate or HTTPS is not much affecting the SEO of your Site, but maybe later it is possible that it will become one of the major ranking signals of Google.
- SSL will keep your site secured, not only for you but also for your visitors.
- How to Setup Two-Factor Authentication on a WordPress Blog?
- Link Placement Guide for Better Search Ranking?
- How to avoid being hacked: 5 Easy steps to protect yourself?
Have you made a transfer to HTTPS? Let us know the biggest challenges you encountered while doing it? Have any questions in your mind? Feel free to ask in the comment section.
Like this post? If yes, then don’t forget to share it with your friends on Facebook, Twitter, and Google Plus!