Best method/configuration for a HTTPS website?

General
1

Hello Cloudflare,

I,m wondering what the best method/configuration is for a HTTPS website?

Domain: hospa.nl

  • I have my own webserver (VPS)
  • With Let’s Encrypt made a certificate for this domain
  • Have set for this domain four bindings:
    http://www.hospa.nl
    http://hospa.nl
    https://www.hospa.nl
    https://hospa.nl
  • With URL rewrite I’m forcing to HTTPS
  • In my Cloudflare I have set SSL to Full (strict)
  • And the setting ‘Always Use HTTPS’ to OFF
    This works fine!

And an other domain (de-schoof.nl) is configured like:

  • I have my own webserver (VPS)
  • Have set for this domain two bindings:
    http://www.de-schoof.nl
    http://de-schoof.nl
  • No URL rewrite rule for forcing to HTTPS
  • In my Cloudflare I have set SSL to Flexible
  • And the setting ‘Always Use HTTPS’ to ON
    This works also fine!

What is the preferred configuration off the two?

Regards,
Kenneth

2

The first one is better because you’re using HTTPS at the server for end-to-end encryption, but you should set “Always Use HTTPS” to ON. This will let Cloudflare handle the redirect which is faster and less load on your server. Enabling “Automatic HTTPS Rewrites” is helpful as well.

3

Thanks sdayman. And is the URL rewrite to force SSL on my webserver necessary in situation 1?

Regards,
Kenneth

4

Not right now, but if you move your site off of Cloudflare, you’ll need it. You can leave it in with no performance drop.

5

Thanks mister sdayman!

1 Like
6

This topic was automatically closed after 14 days. New replies are no longer allowed.