Google announced that it will be counting HTTPS as a ranking factor now, meaning if you use HTTPS it will increase the chances of Google ranking you higher in its search results. The first thing that bloggers or site owners think of when switching to HTTPS was it’s expensive and technical in terms of installing SSL certificates. Luckily you’re here reading this blog post because I’ll be sharing how you can get FREE SSL for your WordPress blog.
Cloudflare has released a free version of SSL certificates that does exactly the same job and is easier to set up.
What is SSL?
SSL (Secure Socket Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This secure link ensures that all data transferred remains private. It’s also called TLS (Transport Layer Security). Millions of websites use SSL-encryption every day to secure connections and keep their customer’s data safe from monitoring and tampering.1
Why Use SSL?
- Performance: Modern SSL can actually improve page load times.
- Search Ranking Boost: Search engines favor HTTPS websites.
- Security: Encrypting traffic with SSL ensures nobody can snoop on your users’ data.
- Trust: By displaying a green lock in the browser’s address bar, SSL increases visitor’s trust.
- Regulatory Compliance: SSL is a key component in PCI compliance. 1
!Important: Follow these steps on your own risk.
How to Set Up Cloudflare Free SSL to WordPress
- Sign up to Cloudflare.
- Click the Add Site link at the upper right corner of the page.
- Enter your domain name, and Begin Scan.
- Just follow the steps in adding your domain name.
- Select the FREE plan and continue.
- Please visit your registrar’s dashboard to change your nameservers to the nameservers that Cloudflare will provide.
- Continue then Cloudflare will tell you when your Flexible SSL is active. Normally it will take around 15 minutes or less. You will receive an email that Cloudflare SSL is active or you can refresh the page.
How to Prepare WordPress for Cloudflare Flexible SSL
In your WordPress backend, leave WordPress Address (URL) and Site Address (URL) as HTTP.
- Install two plugins: CloudFlare Flexible SSL by iControlWP and WordPress HTTPS by Mike Ems.
- Activate both plugins.
- Configure WordPress HTTPS by going to the plugin’s setting.
- Select Yes for the proxy setting.
- Hit Save.
How to Instruct Cloudflare to Deliver your Content via HTTPS
At this time, your blog/site should be active on Cloudflare.
- On Cloudflare site, select your domain.
- On the list of menu, go to Page Rules.
- Create two page rules. See settings below. (Click the image to zoom.)
Change your WordPress Site Address (URL)
Your final step in setting up Cloudflare SSL on your blog is to change your Site Address (URL) to HTTPS://, but make sure to leave WordPress Site Address (URL) in HTTP. Changing your WordPress Site Address (URL) to HTTPS will break your site. If you change your Site Address (URL) to HTTPS without the Cloudflare Flexible plugin running, it will also break your site.
Look for the Green Lock
Now we have set it all up, check if your Cloudflare Flexible SSL is working on your WordPress site by visiting your site main page and check if you see the green lock on the top left of the browser’s address bar.