HTTPS page rule required for Flexible SSL?


#1

I have a Wordpress using Cloudflare Flexible SSL.

In Wordpress I have the following plugins installed and activated:

  1. W3 Total Cache plugin, with Cloudflare configured
  2. Cloudflare Flexible SSL plugin
  3. Cloudflare plugin

My Cloudflare Crypto menu settings are:
SSL = Flexible
Always use HTTPS = ON
HTTP Strict Transport Security (HSTS) = Not Enabled
Automatic HTTPS Rewrites = ON

I have three page page rules configured:

  1. http://.mysite.com/ = Always use HTTPS
  2. mysite.com/wp-admin/ = several settings
  3. *mysite.com/wp-login.php = same settings as Rule 2

Everything works great!

I have two questions about the page rules:

  1. Do I even need Rule 1 with the Crypto settings that I have?
  2. If Rule 1 is necessary, should it be first or last in the rule set?

#2

The “Always use HTTPS” option that you found under Crypto is effectively just a page rule that we made into a setting. So if you have it turned on, you can free up that page rule for something else (if you need it).


#3

Thanks Ryan. that’s what I needed to know.