SSL Cloudflare or Host

dash-crypto
#1

Hi,
Just started using Cloudflare and have a hosting with webfaction they support Let’s Encrypt certificate so have activated that on the webfaction.

Question Should the SSL be on Cloudflare or my host? or even both?

Thanks

#2

Both, you need one on your server and Cloudflare will also provide one for their proxies.

#4

Thanks, I see on Cloaudflare its set to flexible should I set this to full or full strict?

Also does it matter, say for instance i use the Cloudflare one they provide and then have a custom one on the server or is best practice to have the custom one on both?

#5

Full strict.

You could only have the custom one on Cloudflare as well if you have at least a business account. Otherwise you cant import your certificate. However the certificate issued by Cloudflare is more than enough. Simply keep Cloudflare’s universal certificate on Cloudflare and your LE certificate on your server.

1 Like
#6

Thanks for that,

I have set that all up but cant seem to access the website,
https://www.basingstokefishandchips.co.uk - works
www.basingstokefishandchips.co.uk - doesn’t work

I’ll take this up with webfaction and have a look around a bit I have also used wordpress for the first time so may be an issue there as well i have missed.

Thanks

#7

Second link refers to HTTP version of website. Enable Always Use HTTPS.

1 Like
#8

Thank you very much for that I did this and it worked. I asked it on here and also on my web host Q&A and there was a recommendation was to use a redirect so all HTTP traffic goes to HTTPS what is better doing it on cloudflare or set a redirect on my webhost?

#9

It doesnt really matter. You can do it on Cloudflare, in which case HTTP traffic should never reach your machine and the redirect will already happen on Cloudflare’s edge servers. But if you prefer to redirect on your server that would work too. It really comes down to personal preference. Maybe slightly tilted in favour of Cloudflare but thats 60/40 at best :slight_smile:

1 Like