Are you an avid WordPress user? Of course, you are and that is why you have landed on this web page. WordPress ranks on the top in terms of the number of websites that are made using WordPress.
Fun Fact: according to word camp there are currently 75 million active websites that use WordPress.
Now because of such wide usage, it catches the sights of many evil people over the internet. Among all the CMS (Content management platform ) WordPress sites are hacked the most. The reason is not any vulnerability of WordPress but it is because of the themes and plugin that are used on top of it that causes these breaches.
Benefits of using SSL certificates:
Have you ever noticed this difference between “HTTP” and “HTTPS”? many times if you try to access an unsecured website your browser might give you a warning and restrict you from accessing that website. Anthe, SSL certificate enables a site to move from HTTP to HTTPS. It is a data file that is hosted on the website’s origin server.
How does an SSL certificate add value to your website apart from providing security? A secure website with an SSL certificate stands out as a quality standard for your user and earns your user trust. A secured website is also a Google ranking factor. A website using HTTPS protocol will rank higher than a website using the HTTP protocol. This is because Google considers an HTTPS website more secured than an HTTP website hence, an SSL certificate can increase your SEO ranking and rank higher.
How does an SSL certificate work?
Having talked about the benefits of an SSL certificate let us first clear the clutter for all non-technical readers what is it and how it works.
HTTP stands for the hypertext transfer protocol with an ‘S‘ at the end it means ‘secured‘. So basically HTTP is just a protocol this when combined with an SSL certificate it becomes HTTPS. SSL- Secure socket layer is also known as TLS- Transfer layer security provides security for the transmission of data that occurs when your browser connects with the webserver. It works with the help of cryptographic encryption, whenever you try to send or receive data it is converted into an unreadable format so that it cannot be intercepted by the hacker and data integrity is maintained.
The below figure will make you very clear about its working.
Earlier establishing an SSL certificate was very technical stuff and expensive stuff for many new players on the internet and they couldn’t afford to secure their website. There are many SSL certificate providers from whom you can purchase it. you can also purchase the same from your web hosting provider.
Today, we are going to learn a free method through which we can secure our WordPress website in just a few steps. Cloudflare Flexible SSL helps you secure your WordPress website and works the same way as any other SSL certificate that you purchase.
Let us now dive into the topic and learn how to connect the Cloudflare Flexible SSL certificate with our WordPress site.
Steps to set up Cloudflare Flexible SSL on WordPress website:
The whole configuration involves several steps that need to be followed in sequence from different platforms. We have tried to simplify the configuration and keep it simple for you. There are 3 major steps involved in setting up Cloudflare Flexible SSL.
- Activating Cloudflare flexible SSL certificate for your WordPress website.
- Installing essential plugins on the WordPress site.
- Changing the WordPress Site URL
- Redirecting traffic from HTTP to HTTPS using Page rule.
Activating Cloudflare flexible SSL certificate:
Step 1: Sign up on Cloudflare.
Step 2: Add your WordPress website.
Step 3: Select the free plan and proceed further
Step 4: Changing domain name servers:
This step is important for the whole thing to work properly. The domain registrars might be different from your hosting provider. Follow the given steps in the photo below to complete the setup. Now, click on the crypto tab and select flexible from the dropdown menu under SSL settings, and activate the certificate.
Installing essential plugins on the WordPress site:
Cloudflare Flexible SSL plugin:
This plugin is necessary for the Cloudflare SSL to work properly on your WordPress site. This plugin prevents the so-called redirect loop that might occur. This plugin comes into action whenever your WordPress site is serving HTTPS traffic. To install this plugin in your WordPress dashboard go to plugins> Add new> Search for Cloudflare SSL plugin and click on install now.
WP force SSL plugin:
This plugin forces the HTTP traffic to HTTPS. It redirects your HTTP traffic to HTTPS using your SSL certificate. All you need to do is activate the force SSL plugin from plugin settings and everything will be configured for you.
Changing the WordPress site URL:
There are two addresses WordPress address and the Site address. The WordPress address is for the admin page. We need to change the site address, this is the site address on which the users land. Using Cloudflare SSL we need to point the address to the HTTPS version of the site.
Note: The WordPress address must not be changed.
Redirecting traffic from HTTP to HTTPS using page rule:
This is the final step in setting up your Cloudflare SSL for a secure connection and to increase the level of security for your users.
Step 1: Go back to the Cloudflare profile page.
Step 2: Select the page rule tab on Cloudflare.
Step 3: Enter your domain name.
Step 4: Under pick, a setting dropdown menu chooses “Always use HTTPS”.
Once you have followed these steps properly and please remember it is necessary to follow them in the same sequence. It is now time to check if your website is running in SSL mode. To verify if your Website is running in SSL mode i.e. using HTTPS open your website in a new tab on the browser and you will be able to see the green lock in the URL bar.
Hope that this article has helped you in setting up the Cloudflare SSL certificate on your WordPress website. Securing your website is very crucial to keep your user’s data and even your data safe. Also, such security features increase your customer’s trust in your company and help you gain more business. HTTPS is also an important SEO factor considered by Google.
If you have any query, need any security or maintenance service for your WordPress site then please free to contact us at wpuber.com