Cloudflare Plus Ssl To Make Your Wordpress Fast And Secure
CloudFlare is a famous CDN ( content delivery network ) provider in the world. A lot of company use their service. The amazing service they provide can make your website very fast and more secure if you use it correctly. And it provide a free plan for you to use. It is the only one provider who can let you use it without cost.
1. CloudFlare Overview.
1.1 Why CloudFlare Is Fast?
From above picture we can see that because cloudflare has cdn nodes all over the world, so if your web server use that network, your web content will be cached in all those cdn nodes server. So when a user browse your domain, cloudflare will provide the cached content from the nearest node to the client user, this can increase response speed and decrease original web server pressure.
1.2 Why CloudFlare Is Secure?
Without cloudflare, client user can access your web server directly. This expose your web server ip to all the clients. It is dangerous because hacker can attack your web server at anytime.
With cloudflare, client user do not know your server ip because your domain will be resolved by cloudflare dns server, and cloudflare will choose a dynamic node to serve the request, so the ip address is also changed dynamically.
2. How To Use CloudFlare With WordPress?
- Register a cloudflare account follow this link. READ : How To Remove Cookie In WordPress Plugin Wp Super Cache Http Response Header Vary
Cloudflare provide three kind of SSL mode. You can find detail introduction in page
- Then turn on Always use HTTPS and Automatic HTTPS Rewrites option at bottom.
- Now when you input http url in web browser, you can find browser change it to a secure https url.
3.2 Fix Https Mixed Content Error.
When you browse web page using https, if you find image not shown, css or js missing in the https page, you can right click web page in chrome and click Inspect menu item to see the error messages in inspector console. You may find below error messages.
Mixed Content: The page at … was loaded over HTTPS, but request … This request has been blocked; the content must be served over HTTPS.
This error message means the page contains some url which start with http not https, you can use below method to resolve this.
- Use cloudflare Full SSL mode. This need to install certificate in your web server and change the original web server to support https. You can use a wordpress plugin Really Simple SSL to implement this.
- Use another wordpress plugin READ : How To Setup WordPress Website On Bluehost
3.3 Make Yoast Generated Sitemap Url Use Https.
After above configuration, you can see that when you input url like http://dev2qa.com in a web browser, it will be changed to https://dev2qa.com.
But if you use SEO tool ( such as Yoast ) to generate sitemap xml, and when you use http://dev2qa.com/robots.txt to see the sitemap content, you will find that all sitemap xml content url still use http:// as the prefix.
You need follow below steps to make the Yoast generated sitemap xml url to use https:// prefix instead of http://.
- Login WordPress admin console as administrator.
- Click Settings —> General menu item in left navigation panel.
- Change both WordPress Address ( URL ) and Site Address ( URL ) value start with https:// prefix and save the settings. Then after a while, you can see the Yoast SEO tool generated sitemap xml url changed to https:// started.