Introduction
Google announced that HTTPS
would become an important ranking signal, so HTTPS
websites will have a higher advantage of ranking over HTTP
links, Thats mean more traffic, and more revenue (if your website running Ads).
also non-HTTPS websites will be signed with a “non-secure” message at all Chromium engine web browsers.
Any way contents benefits still the king, but what about to switching secure-HTTP for free,
Yes you can do and enjoy that using your Cloudflare Free Account Benefits including CDN, saving bandwidth,Security , DDOS Mitigation, Simple DNS Management, Free Universal SSL Certificate, and more.
What we need to do now, is to switching our Drupal ,or WordPress CMS to `HTTPS` for free using Cloudflare Flexible SSL
service.
For who need help to setting up Cloudflare free account please follow the Create a Cloudflare account and add a website guide. or watching the below learning video.
SSL Adjustment
Next step will be setting Crypto options at Cloudflare Account main menu please select Crypto Menu Icon (Manage cryptography settings for your website)
- We need to select
Flexible
at SSL section.
Flexible SSL means: Visitors will be able to access your site over HTTPS
(Through cloudflare), but connections between Cloudflare and your origin will be made over HTTP
. (This is exactly our case.)
- Now set Always use HTTPS to ON
- Set Automatic HTTPS Rewrites to ON
Drupal: Configure and Adjustment Cloudflare ssl terminal
In order for Drupal to know that it should only use SSL for this page request, and not allow connections from plain HTTP, we have to add the following to settings.php
:
// Force HTTPS, since we are using SSL exclusively if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) { if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') { $_SERVER['HTTPS'] = 'on'; } }
WordPress: Configure and Adjustment Cloudflare ssl terminal
For adjustment wordpress, we will need to install and enable the CloudFlare Flexible SSL WordPress plugin
because your site will be flexible or plain HTTP connection for Cloudflare side, you do not need to change Drupal or WordPress sites URLs to HTTPS
.
also its safe to turn off `SSL` whenever you want from within CloudFlare, and your Drupal or WordPress site will continue loading on HTTP
for visitors.
Hope that helps,
thanks.