Why bother installing SSL ?
Nowadays, a plethora of websites on the internet has been empowered by SSL, from news-serving sites to others dealing with sensitive credentials and critical data. SSL encrypts data sent from users’ browsers to the website server, ensuring that any malicious third-parties can not steal them. Apparently, all service providers working with clients’ sensitive data such as credit card information, are now obligated to implement SSL on their servers.
But, if your website is functioning as a personal blog, or like a newspaper, RSS-feed, does not store any of your readers’ personal information, nor dealing with such mentioned above business, you may question why your website should adopt SSL.
Regarding this question, it is reasonable that implementing SSL maybe not worth your time and cash invested in it, because implementing SSL only benefits the clients, not the service providers. However, it still has some merits that should be taken into consideration.
- End users will be shown a green lock and a title saying that the website they are accessing is safe. Though most of them don’t know and will not mind what the heck SSL is doing in the background, the green lock and the notice will reassure them that they will be unlikely to face any troubles caused by security compromise just by visiting your website.
- According to some internet rumors, having an SSL certificate on your website can affect your ranking on major search engines, especially Google. If you prioritize SEO then being secured by SSL may help you gain a notable advantage against your competitors when it comes to ranking on search engines.
If you were persuaded of having your website secured by SSL, then let’s move to the next section!
The hassle of traditional SSL and Cloudflare’s solution
Currently, SSL certificates can be distributed at a much more affordable price than years ago, as most domain providers now also have their own SSL provision. If you don’t choose your domain provider as your SSL provider, there are also a variety of SSL providers worldwide. If you don’t run seriously critical business that handling millions of your clients’ confidential data, then just go with the provider offering the cheapest price since all we need is a tiny green lock displayed on the end user’s browsing address and a better ranking on Google.
Yet, even after acquiring an SSL certificate successfully, installing it on the server may seems daunting for beginners and even experts. You may stumble at any steps of CSR creation, bundling certificates, binding to your website, editing host configuration files, etc.. Also, the way to set up an SSL certificate may vary according to the SSL providers and webserver types.
That’s when Cloudflare service comes to rescue! Cloudflare service offers zero-configuration, browser-based setup procedure for implementing SSL, and on top of that, it is FREE! For bloggers, writers, pennies per month just to maintain a tiny green lock on users’ browsers is overpriced, therefore a free option is obviously better! After registering with Cloudflare, you are not only provided with free SSL certificate, but also tons of helpful services like analytics, DDoS protection, cache management… and they are free too! Of course they also offer premium plans if you are willing to pay for more advanced services, but in this article we will stick with the free plan since it fully covers our needs here - a working SSL certificate.
I will not go into details of why Cloudflare can offer SSL certificates for free, please find it in other articles.
Procedure to have your website secured by Cloudflare
- First, register an account at https://cloudflare.com. After registering, you will be taken to a screen that requires you to enter your website domain.
From here, type your website domain in the address bar and hit Scan. While the server is gathering required information you will be welcomed with a video showing how Cloudflare SSL works.
After a while, you will be taken to the next screen, where your website’s DNS records are shown. Typically, if your site is already up and currently running, just ignore these settings and hit Continue.
The next screen is a table of offered service plans. Choose Free website and continue, you can always upgrade to a higher tier plan later.
This is the last step of registering your domain to Cloudflare service. Change your domain’s nameservers to the listed nameservers respectively. How you can change nameservers depends on where you purchased your domain, however if you purchased yours from a well-known supplier like GoDaddy or Namecheap, just google “how to change nameservers” plus your supplier’s brand name and a thoroughly written instruction will be found at search result page 1.
Press Continue when you finished changing your nameservers.
From now on you will be working with the dashboard. Select Crypto from the toolbar menu and verify that SSL status is set to Full or Flexible (I am using Full though).
Finally, hit Purge everything in the Caching preference, and congratulation! Your domain is secured by Cloudflare’s SSL successfully!
Please note that from the moment the setup is finished to the time https is displayed on end-users’ devices it may take up to 72 hours to reflect all settings so don’t worry if you haven’t seen your green lock on browser address bar yet.
Of course, if your server needs a specialized mechanism to encrypt data, or your service works with cash, credit information, or personal data, then you may prefer your SSL be issued by popular security firms like Symantec, Comodo, Verisign… and have your SSL installed by specialists. But, if your website only serves static contents, or blogs, resumes… why don’t give Cloudflare a chance? It will make your site look cooler, and it just takes minutes to complete.
P/s: The idea of free SSL was carried by Kloudsec before, and sadly it was gone bankrupt. Let’s Encrypt is also a free SSL distribution, but Certbot and other deployment tools might have a steep learning curve. Let’s choose something that suits our needs best, and worth our investment.
Article written by *Kaito Yuuki*