Cyber Security in this point of time is a really important for even the simplest things we do on the Internet. The whole world is still suffering from major identity thefts, frauds, etc. and one of the reasons for that is because the website they were giving their valuable information to did not have enough security to keep their information secure. So understanding all the issues in the current world, I am creating this article where I’ll be teaching you on how to enable SSL on your website in just a few simple steps using CloudFlare.
So understanding all the issues in the current world, I am creating this article where I’ll be teaching you on how to enable SSL on your website in just a few simple steps using CloudFlare.
Here are a few points telling why SSL is so important:
- SSL Encrypts Sensitive Information Like Passwords, Email-ID’s and even Credit Card details on E-Commerce Websites.
- SSL Provides Authentication so when you log in or submit your important details, you know it is going to the correct server and no one is interfering with the connection between you and the origin server.
- SSL Builds Trust between you and your clients/users, the green “https://” proves that you are concerned about the security of your users.
- SSL is Required for PCI Compliance, if you are going to accept your client’s credit card information, then you need to comply with PCI requirements and one of them is having SSL certificate on your website.
I don’t see a point why you shouldn’t get it. Is it the price of it which is bugging you? You would be surprised to know but it’s free from CloudFlare, let me teach you how to get it then.
Before we get started, you need to enable CloudFlare on your domain, they already have an amazing article which will guide you on how to do it. Click Here to visit their article.
Now once you are done with that, let’s get started:
- In CloudFlare’s Dashboard, Click On The “Crypto” Tab and Open It.
- Now Change the SSL setting to “Flexible” because to have a “Strict” setting, you need to install the certificate on the Origin server as well which will be covered in a future guide I’ll be making.
- Now scroll down on the same page and at the bottom, enable “Automatic HTTPS Rewrites”.
- You are now done with “Crypto” tab, now open the “Page Rules” tab from the menu.
- Click “Create Page Rule”.
- Enter your domain in this format “http://www.YOURDOMAIN.com/*”, make sure to add “/*” at the end and “www” at the start. After that choose “Always Use HTTPS” from the Drop Down Menu, now click “Save and Deploy” and you are almost done.
- Follow Step 7 as it is but just change the URL format to “http://*.YOURDOMAIN.com”, add “*” where you had “www” before. Then enable “Always Use HTTPS”, Click “Save and Deploy” and you are finally done.
We are now done, you can now visit your website and it must have HTTPS. If you have any issues regarding this tutorial, comment them down below and I’ll get back to you soon. Thanks for reading.