This article will guide you on how to add a website and enable Free SSL Certificate from the CloudFlare panel.
Cloudflare will speed up and protect your site. It provides a free SSL certificate to encrypt the data transmission between the browser and the web server. This free SSL (Universal SSL (Shared/Default SSL)) certificate can secure the main domain (yourdomain .com), and all its subdomains (*.yourdomain .com). Once you enable CloudFlare free SSL certificate, traffic from the browser to the CloudFlare server will be encrypted, but traffic from CloudFlare to your website's origin server will not be encrypted.
This article outlines the steps to add your first website and to enable a FREE SSL certificate of Cloudflare.
1. Create an account and log in.
Go to the Cloudflare website and create an account and log in to your CloudFlare Account.
2. Add your site
i. Click on Add a Site button from CloudFlare Dashboard.
ii. Enter the domain for your website and then click Add Site. It's not necessary to add "www" to the domain. For example, if your website is www.example.com, type example.com.
iii. CloudFlare will scan your domain's DNS records. This will take approximately 60 seconds to complete. Once the DNS scan has finished, you will see We're querying your DNS records page. Click on Next.
iv. Select a FREE plan and then click on Confirm Plan.
v. It will ask for plan confirmation; click on Confirm.
3. Configure DNS records
i. On the next screen, you will see the list of current DNS records for your website including your subdomains. It will also display additional information as to which traffic will be protected by CloudFlare and which won't.
ii. You need to click on the orange cloud icon to enable Cloudflare for a particular DNS record. You can keep it disabled (gray cloud icon) if you want to bypass CloudFlare for that DNS record. If there are any additional records you'd like to add, you can add them here. After you've reviewed your DNS records, click Continue.
iii. On the next step, you will see Cloudflare nameservers for your domain. Please write down the Cloudflare nameservers provided on this page. Click on Continue.
iv. Congratulations! The final step is to update the nameservers for your domain with the Cloudflare nameservers at your domain registrar. Once the nameservers for your domain are propagated, CloudFlare activates your website and it will show the status Active on the Overview page. You can check the SSL status in the Domain Summary section.
4. Manage SSL and Caching
i. Flexible is enabled by default for your website.
Flexible SSL — (No SSL certificate)
- DO NOT use this option if you have already added an SSL certificate to your domain.
- The connection between the user and Cloudflare is secure, but the connection between your Hosting Server and Cloudflare is not encrypted.
- This is the default setting for your domain when you add a FREE Cloudflare plan to your domain without an SSL certificate.
- This setting does not require you to purchase an SSL certificate.
Full — (Self-signed certificate)
- ONLY use this option if you have a self-signed certificate.
- The connection between the user and Cloudflare is secure. The connection between Cloudflare and Hosting Server is secure but not authenticated.
- Your visitors will see HTTPS and a secure padlock in their browser.
- You must have at least a self-signed certificate installed.
- Cloudflare does not verify the authenticity of the certificate you installed.
Full (Strict) — (Third-party SSL certificate)
- You can use this option if you have a Third-party SSL certificate.
- The connection between the user and Cloudflare and from Cloudflare to Hosting Server is secure.
ii. You can Manage SSL cryptography settings for your website from the Crypto tab located at the top of the window.
iii. Now click on the Caching tab located at the top of the window. Click on the Purge Everything button.
iv. In the confirmation box again click on Purge Everything.
Note: Purging the cache may temporarily degrade performance of your website and increase the load on your origin server.