These days the best available transport layer security (TLS) can be acquired at no cost. And purchasing a certificate is no longer necessary. Here’s how we do encryption correctly using CloudFlare Free FULL Strict SSL on this blog!
Running your website forum or blog under CloudFlare provides the best available speed through caching and unbeatable firewall in the business. It’s as easy as going to cloudflare.com and registering your account. After registering your webmaster account click add website and follow the prompts.
After your domain is active on cloudflare click the Crypto Tab.
The following choices are:
SSL is terminated at the Cloudflare edge servers. Everything between your client and Cloudflare is encrypted, but between Cloudflare and your origin server is not encrypted. You would not need a certificate directly installed on your server for full encryption.
SSL is terminated at the Cloudflare edge server. Then it is encrypted again, and sent back to your servers all encrypted. You would need an SSL certificate installed directly on your server for this option. You can also use a self-signed certificate for this option.
SSL Full (strict):
Same as SSL Full, but you must have a certificate that is signed by a CA (Certificate Authority.)
Flexible is the easiest to set up but we do not recommend going that route. Traffic between your server / hosting account is not encrypted. Anyone could in theory sniff and intercept / replace the packets while in transit. Also those running WordPress will probably encounter redirect loop errors.
We recommend the Full option. It requires whats called an origin certificate. If you have the ability to generate a signed certificate request and self signed certificate do so. Then install that self signed certificate onto your domain hosting account or sever.
The Strict option requires an origin certificate by a cert provider. We use Comodo Positive SSL certs obtained from ssls.com as low as 4.99 per year.
Running WordPress under encryption can be challenging. Mostly dealing with insecure images, insecure embedded YouTube links.
We use this old but reliable WordPress HTTPS plugin. It converts any insecure links “http:// into protocol relative ://” that prevents most insecure errors. We use this website to analyze encryption errors.
Retired Used Car Dealer (trust-me) and ASE Cert Mechanic with over 40 years experience. I'm also a Hobbyist DOS days Fidonet Bulletin Board System Operator (BBS SysOp) turned net guru. Just hanging out in cyberspace keeping up with tech!
Search This Blog
Select Your Language
We are using cookies to give you the best experience on our website.
You can find out more about which cookies we are using or switch them off in settings.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.