Does your website show the connection as "Not Secure" in Google Chrome, Firefox, or other web browsers? The activities of hackers are on the rise, through thousands of automated bots, they crawl the internet daily to find vulnerable websites to hack. Generally, users are skeptical when they visit websites and see the “Not Secure” sign.
What this “Not Secure” essentially means is that, every interaction between users and the website is in plain text and therefore could be read by hackers who may intercept that traffic. Getting your website on “HTTPS” and “SSL” is a necessary requirement to increase the integrity of your website and for that matter your customers.
You may be wondering “What is HTTPS and SSL?” HTTPS (Hypertext Transfer Protocol Secure) is a protocol used to provide security over the Internet. HTTPS prevents interceptions and interruptions from occurring while the content is in transit.
For you to create a secure online connection, your website also needs an SSL Certificate. If your website asks visitors to register, sign-up, or make a transaction of any kind, you need to encrypt your connection.
What is SSL?
SSL (Secure Sockets Layer) is another necessary website protocol. This transfers visitor’s personal information between the website and your database. SSL encrypts information to prevent it from others reading it while in transit.
It denies those without proper authorisation the ability to access the data, as well.
In this blog, you would do the following:
1. Create free account on Cloudflare
2. Add your domain name
3. Select Free $0 as your plan
4. Log in to your cpanel and update your nameservers
5. Select “Full” in “Your SSL/TLS encryption mode”
6. Toggle “Always Use HTTPS” to “On”
Let us go ahead and put your website on “HTTPS” and “SSL” for free. Proceed to Cloudflare website and create an account for free. www.cloudflare.com.
Now, enter the domain you want to put on https in the text field as shown in the picture below.
It will redirect you to another page, enter your domain again and click on “Add site”
Now, select your plan, here proceed to select the last option which says “Free $ 0” and click on “Continue”, as shown in the picture below.
You would be redirected to a page containing your DNS information, click on “Continue”.
Now, log in to your cpanel and go to your “Domains”, select the domain you want to put on HTTPS. Look out for “DNS”, update the current nameservers to reflect the nameservers below.
DNS information may take up to 72 hours to reflect, depending on your hosting provider. Some of them are almost instant.
Go back to cloudflare and click on “Done, check nameservers.” You are almost done, there are few settings you need to do.
From the cloudflare dashboard, select “SSL/TLS” and make sure “Your SSL/TLS encryption mode” is set to “Full” and “SSL/TLS Recommender” is put “On”.
Lastly, still in “SSL/TLS”, select “Edge Certificates” and toggle “Always Use HTTPS” to “On”. This is very important, as it would direct all users who type “http://yourwebsite.com” in the browser to “https://yourwebsite.com”.
Congratulations! you have successfully installed free HTTPS and SSL on your website. Now, every traffic from your website would be encrypted.