Hello everyone. I’m not sure of the response I’ll get here, but I’m here because I was referred to this site for SSL Certificates.
I am a Business Coach and Marketing Strategist, and I’ve just been schooled about the importance of Google’s updates and security with SSL. I am exhausted with reading and watching and listening. I need someone to lay it out to me, how would I use Cloudflare to help a client.
1 - What I offer and do if they have a website and domain somewhere else without https…
2 - If I sell a certificate from here, do I do the free one or the dedicated one, and if the dedicated one,
even though it says $5 per month, is that all it is, and why should I do that over the free one…
3 - Can I come here and do this for the client without the client knowing about where I purchased it from, and how much this costs or doesn’t cost?
4 - What are the details I need? Their login credentials at their hosting cpanel, nothing, or what?
Am I missing anything? This has to be pretty simple, and so far I have no clear path to the steps I need to follow. Prematurely, I would appreciate anyone, especially who does this for their clients, to explain in plain English how to get it done, or have someone else do it.
Move them to a host that supports HTTPS. If you’ve got clients, do it right.
The free cert here is excellent, and getting better all the time. The free ones used to be shared, but the new free ones aren’t. That was the main reason people bought the $5 ones.
You can’t hide Cloudflare from a client. A client who pokes around a little can easily figure it out.
You only need access to their domain registrar so you can point the name servers to Cloudflare. You might need cPanel access just to double check the DNS records here before switching over.
It’s best to use a separate Cloudflare account for each client. That way clients have access to their services so you don’t become that hated dev who leaves a client high and dry.
But, before you read on, I appreciate the fact that you are even responding.
2 emails ago, I made it obvious I am in business as a Marketing Pro,
and am looking for a place to do my SSL business with my clients.
Problem is, not one person in 2 weeks can tell me simply, here are
steps 1, 2, 3, 4, and 5…DONE!
They are all answers to my questions that make me want to ask 5 more questions.
Here is an example of what I mean sdayman, (which I have no idea what your name is)
Move them to a host that supports HTTPS. If you’ve got clients, do it right. OK…I wouldn’t want to do it wrong. “to a host”? That’s why I am talking to Cloudflare, right?
Or, do I completely not get what you mean?
The free cert here is excellent, and getting better all the time. The free ones used to be shared,
but the new free ones aren’t. That was the main reason people bought the $5 ones. So, would the “free” one’s be OK for ALL of my clients? And what determines that?
What would be one that they would “pay” for, and why would they want to do that?
You can’t hide Cloudflare from a client. A client who pokes around a little can easily figure it out.
You only need access to their domain registrar so you can point the name servers to Cloudflare.
You might need cPanel access just to double check the DNS records here before switching over. Is this work I do, or can I get Cloudflare to do it? And if so, what is that cost?
When you say, “Point the name servers to Cloudflare”, and “double check the DNS records”,
I have no idea what you are talking about. Exactly I mean. I know what a c-panel is, and
I think I pretty much know what DNS is (I think).
It’s best to use a separate Cloudflare account for each client. That way clients have access to their services
so you don’t become that hated dev who leaves a client high and dry. Having an individual account for each is OK, but, so I would tell them who I am using,
and they don’t need me anymore after I charge them to get it done? And then they call
you guys and find out I charged them 20x the amount they could have done it with you?
Or they learn they could have done it for free? Man, if I up-sold them or cross-sold them,
I’m pretty much thinking they will stop paying me at that point. Or, am I just looking at this wrong?
And, whoever you are, thanks for putting up with my emails.
Starting something new, in which plain English explanations
seem to be a thing of the past, has me aggravated more than I can say,
Cloudflare isn’t a web host, they provide security services, including HTTPS to existing sites. For a site to be fully secure, an SSL certificate needs to be installed on the web hosting provider as well. Most hosts do support this now (and they all should), Cloudflare provides free Origin Certificates to install on the site to make it fully secure.
The free certificate should be OK for all your clients, they are now just issued to the customer’s domain, as @sdayman said, so there is no reason why it wouldn’t be enough.
The certificate is issued by Cloudflare, the website will now be on Cloudflare nameservers, so yes - you can tell that a website is using Cloudflare.
No, Cloudflare setup has to be done by the customer - the nameservers have to be changed at the domain registrar (where they got their domain from) to point to Cloudflare. The DNS records in Cloudflare have to match those at the web host (in cPanel). Cloudflare can’t set it up for you.
In my opinion, you definitely need to allow clients access to their own Cloudflare account. The Cloudflare free plan can be set up by anyone, yes - they could do it themselves for free, you would just be setting it up for them. Should their web host change in the future or they have an issue, they will need to be able to access the Cloudflare settings to sort it out, hence why they should have access to their account.