First things first. Ever noticed that http:// in front of every website name? That’s the communication protocol through which your web browser talks to the server on the Internet. HTTP stands for Hypertext Transfer Protocol and it’s not encrypted. This means that anyone can potentially read whatever you send over the Internet, or even get access to your bank account. Pretty scary, right?
Google agrees with that too and actively punishes websites served over this old and insecure protocol with a low ranking in its search results. The low ranking is the last thing you want to face and that’s why you should always make sure that your website is delivered over a secured connection. HTTPS (HTTP over TLS) is an extension to HTTP that encrypts the communication using TLS/SSL (Transport Layer Security/Secure Sockets Layer). Here’s a great article about the impact of TLS/SSL on rankings.
Getting HTTPS is quite simple and free of charge. All you need is a certificate issued by an authority and the easiest way to get is via Cloudflare. With a free Cloudflare account, you’ll get not only secure HTTPS protocol, but it will also speed up your website with caching and other improvements like CDN for the fast delivery of resources like images and video.
If you’re just starting and don’t have your blog yet, stop right here and read How to Build a WordPress Blog where I explain exactly what to do to get you up and running. Don’t worry, this article will wait here for you 🙂
Please note that some of the links in this post are affiliate links for products I use and love. This means if you click on such a link and take action (like subscribe, or make a purchase), I may receive some coffee money at no extra cost to you. This helps me creating more content free of charge to you. And, as an Amazon Associate, I earn from qualifying purchases. Thanks for your support!
To set up an HTTPS protocol with Cloudflare, you need to use their DNS service. Don’t worry, it’s available for free, you just need to change your domain’s nameservers to Cloudflare’s nameservers. This is done in the settings of your domain.
For example, some of my domains are registered with Namecheap, but I changed the nameservers to Cloudflare NS aron.ns.cloudflare.com and james.ns.cloudflare.com so I could manage my DNS records from my Cloudflare account.
So, here’s the whole step by step guide to get yourself a free SSL certificate to deliver your website via HTTPS protocol:
Step 2: Add a new domain to your Cloudflare account
Next, click the +Add a Site button and fill out the name of your domain:
Step 3: Select a Free plan
Next, you’ll need to choose the plan. I suggest you stick with the Free plan which offers plenty of features. I’m using Cloudflare for nine domains and I’ve never needed a paid plan. However, I wanted to give something back to this great service so I moved many of my domains to Cloudflare as my domain registrar.
Once you confirm your plan, Cloudflare will scan for your domain DNS records which might take a while:
Step 4: Make sure that all DNS records were transferred properly
Once it’s done, you’ll be asked to review your DNS records and confirm that everything has been configured correctly. If you’ve never used your domain before, and this is your initial setup, you don’t have to care about these records at all, but there are people with established DNS records for emails and so on. In such a case, it’s crucial to make sure that everything will transfer without any interruptions.
As you can see, my registrar Porkbun set these DNS records for me automatically during domain registration. There is an A record which points to a specific IP address, CNAME records for third-level names, like www., and finally some email records as well.
Step 5: Change the default nameservers to Cloudflare’s nameservers
Once you click the Continue button, you’ll need to replace your current nameservers with Cloudflare’s nameservers, otherwise, you won’t be able to manage your DNS and optimize your site.
The process should be fairly easy regardless of your current domain registrar. You should be able to locate nameservers and change them. In the case of Porkbun, this option is called AUTHORITATIVE NAMESERVERS and after clicking the Edit button, you’ll be able to set new nameservers for your domain:
Just copy and paste those two Cloudflare nameservers and hit the Submit button:
New nameservers should appear in the list:
If you’re using Namecheap as your domain registrar, for example, the process looks very similar. First, click the MANAGE button next to your domain:
Select the Custom DNS option for the NAMESERVES setting:
Fill out Cloudflare’s nameservers and save the changes:
Once you have that, you’ll need to wait until the changes are propagated, which can take up to 24 hours.
Typically, it’s much quicker and you’ll be notified via email:
Once your domain is handled by Cloudflare, you can continue with the setup.
Step 6: Set up an SSL certificate
First, you want to make sure that you have Full end-to-end encryption enabled. This is the best option because you don’t need to deal with your own certificate, Cloudflare will take care of everything for you:
If you can’t see this page, select SSL/TLS (formerly Crypto) in the top menu and then select the Full certificate from the dropdown menu:
Next, you want to turn on the redirects to https. This means that whenever someone tries to access your website via the http protocol, they’ll be automatically redirected to https.
Scroll down and hit the Done button:
Step 7: Connect your website
Now that your DNS is managed by Cloudflare, you can connect your website with your domain name.
To do that, you need to modify the A record and change the IP address to which your domain will point.
Click the DNS icon in the top menu to get to your DNS records:
This is what it looks like. These are records transferred from Porkbun registrar:
Now, we’ll remove everything and change the A record and CNAME record:
Next, you’ll need to go to your web hosting account and locate your website’s IP address. If you’re using SiteGround, you’ll find it under the My Accounts menu item when you click the Information & Settings tab. It’s called the Account IP:
Copy it and paste it in Cloudflare as a new IP for the A record:
Also, change the CNAME record for www to your domain name:
Now you need to wait until these DNS changes are fully propagated throughout the network which might take 72 hours. Most of the time, it’s much quicker.
Step 8: Delete cached content
To make sure that you’re served up-to-date version and not the cached content, take these two steps.
Let’s purge the Cloudflare cache first. In the main menu, select Caching and then click the Purge Everything button:
Next, let’s delete your local DNS cache. This will force your web browser to load a fresh version of the website from the server by flushing your local DNS cache.
Click “Start” and type the word “command” in the Start search field. Right-click the command prompt icon and select the option to “Run as Administrator”.
Now, you should be able to reload your website and see the new content:
Check that your website is now served over HTTPS protocol:
When you click the Certificate link, you’ll see more details about the certification authority:
Great job! Now your website is delivered over a secure connection. Your visitors and especially Google will be very pleased!
Shameless plug for existing WordPress websites
If you’re already running the WordPress website and either still use an insecure HTTTP connection or simply don’t want to pay for an SSL certificate, I’ve created an online course where I will show you how to easily transfer your existing WordPress website to Cloudflare without any interruption. It already helped more than 2.000 website owners and I hope it’ll help you as well.