I have a Wordpress using Cloudflare Flexible SSL.
In Wordpress I have the following plugins installed and activated:
- W3 Total Cache plugin, with Cloudflare configured
- Cloudflare Flexible SSL plugin
- Cloudflare plugin
My Cloudflare Crypto menu settings are:
SSL = Flexible
Always use HTTPS = ON
HTTP Strict Transport Security (HSTS) = Not Enabled
Automatic HTTPS Rewrites = ON
I have three page page rules configured:
- http://.mysite.com/ = Always use HTTPS
- mysite.com/wp-admin/ = several settings
- *mysite.com/wp-login.php = same settings as Rule 2
Everything works great!
I have two questions about the page rules:
- Do I even need Rule 1 with the Crypto settings that I have?
- If Rule 1 is necessary, should it be first or last in the rule set?