Recently I posted about how generally wonderful Cloudflare is and how it can help to make your site more speedy.
Well, Cloudflare is now offering something pretty AMAZING for free and it could help make the site much more secure.
At the end of September 2014 Cloudflare announced on their blog, that they will offer free Universal SSL for every site that uses their network! This is huge deal for the web, as in August 2014, Google said that they will now take whether a site has SSL/HTTPS as a part of their rankings as they’d ultimately like ‘HTTPS everywhere’.
HTTPS is what you get when you visit a ‘secure’ site like a bank, PayPal or e-commerce sites and you have the gold or green padlock in the address bar. Having HTTPS on a site makes it much more secure as your connection to the site is encrypted. SSL is the way you make websites use HTTPS connections.
Cloudflare offer three flavours of SSL, Flexible SSL, Full SSL and Full SSL ‘Strict’.
With Flexible SSL, which will be the default mode for sites on Cloudflare, the traffic from browsers to CloudFlare will be encrypted, but traffic from CloudFlare to a site’s origin server won’t be (but people will see the padlock on your site). With either of the Full SSL options, both sites of the connection to Cloudflare will be encrypted. To use Full SSL you need an SSL certificate on your hosting server (can be a self-signed certificate). For Full SSL ‘Strict’ the certificate needs to be signed by a trusted certificate authority.
As soon as Universal SSL was announced by Cloudflare, they started rolling it out to existing sites on their network and will also offer as default (in Flexible mode) for all new signups. Unsurprisingly, this announcement went down rather well with the web community—so much so that they had to post on their blog asking people for patience as everyone wanted their free SSL—NOW!
This might sound all a bit techy (and it kind of is!). For your average site, the Flexible SSL might be all you need. But if you hold any sensitive data on your site, then Full SSL really is the way to.
To help guide people through the, sometimes confusing, world of the SSL certificates, Cloudflare have also published a blog post explaining how to get them and install them so you can use Full SSL.
So if your site needs some SSL goodness, now is a great time to get it in and free and simple way!
[Image via Cloudflare]