How to setup and integrate MaxCDN and CloudFlare in WP Rocket for use with a free Let’s Encrypt (or any other) SSL certificate. A complete, step-by-step tutorial for your WordPress site.
(NOTE: These Instructions assume you’ve decided to go with SiteGround Hosting, which makes integrating Let’s Encrypt and Cloudflare’s Free Plan with your WordPress site simpler and easier. If you host is using CPanel, then the options should be quite similar.)
While there seem to be multiple tutorials available for using CloudFlare’s Free Plan on an unsecured http:// site, this guide will take you through the process of integrating said plan with a free Let’s Encrypt SSL Certificate, for more secure content delivery.
Table of Contents
- Let’s Encrypt SSLA quick installation tutorial.
- WordPress HTTPS://Making sure your site is using https://
- WP RocketThe simplest, fastest cache plugin around.
- CloudFlareSetting up their Free Plan with WP Rocket.
- MaxCDNSetting up your CDN with WP Rocket.
- Google SEOAdd configuration to Search Console.
- SiteGround Add-onsUse the SGOptimizer plugin to enforce https://.
+ Let’s Encrypt Free SSL
In your host’s CPanel, go down to the Security section and click the Let’s Encrypt icon.
Once there, go down to Install new Let’s Encrypt Certificate and choose your domain from the dropdown menu. Click Install.
Once successfully installed, go the list of Installed Certificates and Turn On HTTPS Enforce.
If you’re installing WordPress for the first time…
Go to the WordPress Tools section of your host’s CPanel and click the WordPress Installer icon.
This will open the Softaculous installation app. Click Install Now.
In the Install area, under Software Setup > Choose Protocol, select https:// from the dropdown menu. Then choose your domain from the list, name your WordPress site, and give yourself a good strong admin name and password. Once done, click Install.
The wizard will take a few moments to install WordPress’sd files and database on your server. Once completed, it will list your WordPress admin address (https://yoursite.com/wp-admin). Follow the link and login to your WordPress site.
Once there, follow the steps in our Recommended WordPress Themes & Plugins Guide here.
Then come back here and continue onward to set up CloudFlare.
If you already have a WordPress site installed…
Go to the General Settings and change the WordPress and Site Addresses from http:// to https://. You will likely have to log in again.
If you have any trouble logging in your WordPress site after adding https:// (for example, when attempting to go to the site, you receive a 310 or 404 “Multiple Redirects Error” message), don’t panic. The fix is simple. Simply go to your CPanel area, click on the File Manager, find the wp-config.php file, and add the following lines of code
directly above the line
/* That's all, stop editing! Happy blogging. */
Remember to choose the exact same domain preference you chose in WordPress’s General Settings, either with www or without.
That should solve the issue.
In your WordPress Dashboard, go to
Login to your SiteGround User Area, and go to My Accounts > Information & Settings. Find Cloudflare CDN and click the Access button (NOT “Get Plus.”)
You can also access this area directly through your CPanel by clicking the Cloudflare icon under Site Improvement Tools.
Once there, find your domain from the Domain Without Certificate list and press the Activate Free button.
A popup message will ask to reconfigure sites automatically to www. Click Yes.
You’ll now see a new list labelled Domain With Active Cloudflare, with you domain listed.
Click the Manage button.
Click the Settings tab, go down to SSL Support and choose Full Strict from the drop down menu. Then press the Change button.
On the bottom of the menu you’ll see a message explaining how to login to your CloudFlare account directly on the CloudFlare site.
Follow the directions, go to CloudFlare.com, and log in.
Once logged in, you’ll see the Cloudflare Dashboard. Click the Crypto icon. Make sure the SSL Status shows an Active Certificate and that Full (strict) is selected in the drop down menu.
Next, scroll down the page to Always use HTTPS and Turn On.
Scroll further down to Automatic HTTPS Rewrites and Turn On.
Optional: As older browsers do not support modern SSL certificates like Let’sEncrypt and Cloudflare’s own Universal SSL, Cloudflare offers the ability to automatically warn visitors with outdated browsers that they should update their browser to better experience your site. Scroll through the Dashboard and click the Apps Icon. Once there, search for the A Better Browser app.
Click Preview On Site.
Click Install on all Pages.
Go back to the Overview section of the Dashboard, and under the Zone ID, click Get your API key. IMPORTANT: Save the API key. You will need it when adding your Cloudflare settings to WPRocket.
+ Adding CloudFlare to WPRocket
In your WordPress Dashboard, go to Settings > WP Rocket. Go to the CDN tab. Check the box next to Show Cloudflare settings tab. Press Save. When the page refreshes you should now see a new tab labelled Cloudflare. Click on it.
Once in the Cloudflare tab, add your Cloudflare account email and paste the Global API that you copied from your Cloudflare account’s Overview section.
Go to Pull Zones>Settings>OriginInformation and add your IP address (preferably a Dedicated one) to the Origin IP field.
Additionally, make certain that Relative Protocol is set to Off.
+ Google Search Console
Once you’ve completed the tasks above, go to Google Search Console and add https:// and https://www. versions of the site by clicking Add Property.
+ SiteGround Additions
If you’re using SiteGround Hosting, go to the SGOptimizer Plugin in your WordPress Admin area and choose Enforce HTTPS.