How to Use Cloudflare SSL In Full Strict Mode for WordPress Free

How to Use Cloudflare SSL In Full Strict Mode for WordPress Free

Get your Cloudflare SSL certificate and install it on Cpanel

In this article, I’m going to explain how to use Cloudflare SSL is free for WordPress website and how can we set it up manually by using step by step procedure. We can use “SSL” from Cpanel which is free of cost. and now all most all hosting service provider is offering its free with their hosting plan. but why should we choose Cloudflare? because of much security. As we know WordPress is open source, there is more chance of hacking, but if we connect our site with Cloudflare then it’s no doubt that we are getting huge security from it.

For this topic, I’ve used one of my domain, so follow my step by step procedure.

Add Your Domain To Cloudflare

First, we need to collect the origin certificate from Cloudflare. To get that first I need to add my website www.freeclass4u.class to Cloudflare, so the steps are below


image 1
image 2

Update Name Server

Cloudflare will then review your existing DNS records to see if it can find anything. So in this case there is no action is required to change. simply do click on the continue button and proceed. In my case, my doamin was in a different service provider and hosting was also different. Domain was from Hostingor and hosting was from Hostgator.To use Cloudflare DNS we need to replace the existing DNS with Cloudflare as instructed

image 3
image 4
image 5

After a few couples of time, we’ll get a message from Cloudflare that “Cloudflare is now protecting your website”

image 6

Get the Origin certificate from Cloudflare

Next step I’ll collect the origin certificate from Cloudflare. To get this I’ll go to SSL/TLS section and will create a certificate. there is nothing to change. we need to proceed with by default option. here the default option is “RSA” Let Cloudflare generate private key and CSR.

image 7
image 8

Proceed Website C-Panel With Cloudflare Origin certificate and private key

Next, we’ll get the origin certificate and private key. so keep save it on notepad properly and then proceed to website C-panel and hit on SSL/TLS which comes under security.

image 9

Upload CRT/Origin Certificate

Choose “certificate CRT”. After clicking on that you’ll get an option to upload a new certificate.

image 10

So just simply past the origin/CRT certificate there which we have collected from Cloudflare and save.

image 11
image 12
image 13
image 14

Upload Private Key

After completion of that, next, we’ll click on “SSL Manager” to return to SSL/TLS section and the same procedure we’ll follow which we had followed previously. Now it’s time to upload the “private key” which we have collected from Cloudflare and Do past private key and save.

image 15

Install and Manage SSL for your Site(HTTPS)

So we have already uploaded both. One is CRT/Origin certificate and another one is a “Private key”.Again we’ll return to SSL/TLS section just by hitting “Return to SSL Manager” then will choose to “install and Manage SSL for your site(HTTPS)” then hit browse certificate. we’ll choose our domain for which we have already uploaded both private key and Origin/CRT certificate previously and will hit use the certificate button.

image 16
image 17

In my case what i noticed that everything is filled up automatically. if it works for all then it’s a good thing. but it might not happen for all. The certificate authority bundle might not be filled up automatically. so we can collect it from here is named as “Cloudflare Origin CA — RSA Root”

image 18
image 19

Now we’ll notice that our SSL certificate has been created.

image 20

Install Really Simple SSL Plugin

Now it’s time to come back to our website and will install a plugin name “really simple SSL” and activate it.

image 21

Change to Full(strict) Mode

After activation, you may notice this type of interface on your WordPress dashboard. and the notification might say that “detected possible certificate issues”. so what’s next, We’ll come to our Cloudflare dashboard and will change SSL/TLS mode. whatever mode you have previously, it doesn’t matter but do change it to “Full(strict)” mode

image 22
image 23

Again we’ll come to our WordPress dashboard and hit “reload over “HTTPS” and suddenly you’ll be logged out from your dashboard. and do log in once again. then we’ll get a notification on our dashboard like “Almost ready to migrate to SSL” then hit go ahead and activate SSL The basic changes is required on “settings” simply enable 301 .htaccess redirect and save.

image 24
image 25
image 26
image 27

Install Plugin Better Search Replace

Now we need to install another plugin named Better Search Replace and will activate it. the plugin we’ll get under the tool section of the WordPress dashboard. and hit the better search and replace. The basic changes are required to filter out HTTP and HTTPS. Bellow following changes is required.

image 28

Instruction For Set Up Better Search Replace Plugin

Search for section – will add the domain name with “http” version
Replace with – will add the “https” version of the domain
Select tables – All tables will be selected
Case-Insensitive – No changes are required
Replace GUIDs – will add a “tick mark”
Run as dry run? – No changes are required
Either we should follow all the above steps or proceed as per the below-instructed pic. then hit “run search/replace” then we’ll get a notification something how many tables were searched and how many cells are updated.

image 29
image 30

Enable HTTPS On Cloudflare

Next, we’ll go to the Cloudflare dashboard and hit “SSL/TLS” and under edge certificate, we’ll enable both of two options one is the “Alway use HTTPS” and another one is “Automatic HTTPS rewrites”

image 31
image 32
image 33

Now the site has competed with SSL if you love this article then please share your valuable comment. I’ll try my best to solve your problem. You can also watch my complete video tutorial on how to complete this process. Youtube Tutorial here👇