Cloudflare and their new SSL for free users

nodle

nodle

Well-known member
So what do you guys think of Cloudflare's announcement today? I am excited for it! (y)

The team at CloudFlare is excited to announce the release of Universal SSL™. Beginning today, we will support SSL connections to every CloudFlare customer, including the 2 million sites that have signed up for the free version of our service.

This morning we began rolling out the Universal SSL across all our current customers. We expect this process to be complete for all current customers before the end of the day. Yesterday, there were about 2 million sites active on the Internet that supported encrypted connections. By the end of the day today, we'll have doubled that.

For new customers who sign up for CloudFlare's free plan, after we get through provisioning existing customers, it will take up to 24 hours to activate Universal SSL. As always, SSL for paid plans will be provisioned instantly upon signup.
Click to expand...

More info
 
I wonder if we will need any special instructions for setting it up using Xenforo? Or will it automatically be applied as a setting under the control panel. Any ideas @damoncloudflare ?
 
It depends, it works pretty well for me. Glad to see SSL support coming for free users.

I suppose that Google's announcement that sites with SSL will have preferential treatment to non-SSL sites had something to do with this change.
 
BamaStangGuy said:
Yes. Its only been a few hours so far since I set up Cloudflare on it.
Click to expand...
it appears to be working now.
please keep us informed! i gave cloudflare a go a couple of years ago, even went on the paid plan. but the anomalies were so common that seemingly every other day one user or another was having problems related to cloudflare. i am curious to see if it (and by extension this ssl service) are improved.
 
dieketzer said:
it appears to be working now.
please keep us informed! i gave cloudflare a go a couple of years ago, even went on the paid plan. but the anomalies were so common that seemingly every other day one user or another was having problems related to cloudflare. i am curious to see if it (and by extension this ssl service) are improved.
Click to expand...
It was using Comodo now, not from Cloudflare.
Correct me of I'm wrong.
 
SneakyDave said:
I suppose that Google's announcement that sites with SSL will have preferential treatment to non-SSL sites had something to do with this change.
Click to expand...
I heard a while ago that CloudFlare would be offering SSL 'for free' to pro customers due to Google's statement about SSL. I'm not sure whether or not this is correct, though.

Thanks for the heads up, OP!
 
So for us running Xenforo and using this are there changes that need to be made say to the config.php or the htaccess file that need to be changed for it to work, or will it work straight out the the box? I have seen users on there forcing SSL etc. Just wondering if we have to make changes on our side for this to work with it?
 
XenForo's configuration doesn't require any changes for https vs http. It is all about the webserver's configuration.

If you are using Full SSL or Full SSL (Strict), then nothing needs to be changed provided your webserver is setup to pass in if the connection is HTTPS or not. For Flexible SSL, you need to parse the header they push down in the webserver (ref) to then push HTTPS status into XenForo.

CloudFlare pushes the following header for each connection:
Code: 
CF-Visitor: {"scheme":"https"}

If you can issue a self-signed cert, and your site works properly with that; then you aren't going to have an issue with Full SSL. In the future CloudFlare have said they will be supporting SSL-cert pinning for Full SSL or Full SSL (Strict).
 
You must log in or register to reply here.
Back
Top Bottom