SSL/TLS encryption is essential to secure data between your website and its visitors. Cloudflare provides free SSL/TLS certificates, allowing your site to load securely with HTTPS. This article explains how to enable Cloudflare’s free SSL/TLS encryption in a few simple steps.

Why Enable SSL/TLS on Your Website?

• Protect User Data: Encrypt sensitive information like passwords and payment details.
• Improve SEO: Search engines prioritize secure websites with HTTPS.
• Boost User Trust: Visitors feel more secure when seeing the padlock icon in their browser.

Step 1: Add Your Website to Cloudflare

1. Sign up or log in to your Cloudflare account at Cloudflare Dashboard.
2. Add your domain: After logging in, click on “Add Site” and enter your website’s domain (e.g., example.com).
3. Select the Free Plan when prompted.

To know how to add domain in Cloudflare: click here

Step 2: Update Your DNS Records

Once your domain is added, Cloudflare will scan and list your current DNS records.

1. Review your DNS records and ensure they match the records at your current hosting provider.
2. Update your domain’s nameservers to the ones provided by Cloudflare. You will need to log in to your domain registrar to update the nameservers.

Step 3: Enable SSL/TLS Encryption

1. Once the nameservers are updated and your website is active on Cloudflare, go to the SSL/TLS tab in the Cloudflare dashboard.

2. Select Full or Full (Strict) mode for encryption:

• Full: Encrypts communication between Cloudflare and your server using any valid certificate.
• Full (Strict): Requires a valid SSL certificate on your server.

If you don’t have an SSL certificate on your server, you can use Full mode for encryption between your website and Cloudflare.

Step 4: Set “Always Use HTTPS”

• In the SSL/TLS tab, scroll down to the Edge Certificates section.

• Enable the Always Use HTTPS option. This forces all traffic to be served over HTTPS, ensuring your website is always secure.

Step 5: Enable Automatic HTTPS Rewrites (Optional)

To prevent mixed content issues (insecure HTTP elements on your HTTPS site), enable Automatic HTTPS Rewrites.

1. In the SSL/TLS tab, find the Automatic HTTPS Rewrites section.
2. Toggle it to On. This will ensure all resources (like images and scripts) load over HTTPS.

Step 6: Test Your Website

After enabling SSL/TLS, it may take a few minutes for the changes to take effect. Once everything is set up, visit your website and check for the following:

• The URL in the browser should start with https://.
• A padlock icon should appear next to the URL, indicating the connection is secure.

Troubleshooting Tips

• If your site isn’t showing the padlock, check for mixed content (resources loading over HTTP instead of HTTPS). The Automatic HTTPS Rewrites feature can help fix this.
• Cloudflare’s SSL/TLS certificates may take a few minutes to activate, so if you don’t see HTTPS immediately, wait a while and check again.

Conclusion

Enabling Cloudflare’s free SSL/TLS encryption not only enhances your website’s security but also improves SEO and user trust. By following these simple steps, your website will be protected by HTTPS and ready to serve your visitors securely.