• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Cloudflare and their new SSL for free users

nodle

Well-known member
#1
So what do you guys think of Cloudflare's announcement today? I am excited for it! (y)

The team at CloudFlare is excited to announce the release of Universal SSL™. Beginning today, we will support SSL connections to every CloudFlare customer, including the 2 million sites that have signed up for the free version of our service.

This morning we began rolling out the Universal SSL across all our current customers. We expect this process to be complete for all current customers before the end of the day. Yesterday, there were about 2 million sites active on the Internet that supported encrypted connections. By the end of the day today, we'll have doubled that.

For new customers who sign up for CloudFlare's free plan, after we get through provisioning existing customers, it will take up to 24 hours to activate Universal SSL. As always, SSL for paid plans will be provisioned instantly upon signup.
More info
 

SneakyDave

Well-known member
#4
It depends, it works pretty well for me. Glad to see SSL support coming for free users.

I suppose that Google's announcement that sites with SSL will have preferential treatment to non-SSL sites had something to do with this change.
 

dieketzer

Well-known member
#11
Yes. Its only been a few hours so far since I set up Cloudflare on it.
it appears to be working now.
please keep us informed! i gave cloudflare a go a couple of years ago, even went on the paid plan. but the anomalies were so common that seemingly every other day one user or another was having problems related to cloudflare. i am curious to see if it (and by extension this ssl service) are improved.
 

RoldanLT

Well-known member
#12
it appears to be working now.
please keep us informed! i gave cloudflare a go a couple of years ago, even went on the paid plan. but the anomalies were so common that seemingly every other day one user or another was having problems related to cloudflare. i am curious to see if it (and by extension this ssl service) are improved.
It was using Comodo now, not from Cloudflare.
Correct me of I'm wrong.
 
#16
I suppose that Google's announcement that sites with SSL will have preferential treatment to non-SSL sites had something to do with this change.
I heard a while ago that CloudFlare would be offering SSL 'for free' to pro customers due to Google's statement about SSL. I'm not sure whether or not this is correct, though.

Thanks for the heads up, OP!
 

nodle

Well-known member
#17
So for us running Xenforo and using this are there changes that need to be made say to the config.php or the htaccess file that need to be changed for it to work, or will it work straight out the the box? I have seen users on there forcing SSL etc. Just wondering if we have to make changes on our side for this to work with it?
 

Xon

Well-known member
#18
XenForo's configuration doesn't require any changes for https vs http. It is all about the webserver's configuration.

If you are using Full SSL or Full SSL (Strict), then nothing needs to be changed provided your webserver is setup to pass in if the connection is HTTPS or not. For Flexible SSL, you need to parse the header they push down in the webserver (ref) to then push HTTPS status into XenForo.

CloudFlare pushes the following header for each connection:
Code:
CF-Visitor: {"scheme":"https"}
If you can issue a self-signed cert, and your site works properly with that; then you aren't going to have an issue with Full SSL. In the future CloudFlare have said they will be supporting SSL-cert pinning for Full SSL or Full SSL (Strict).
 

Xon

Well-known member
#20