Open menu Close menu

How to use HTTPS on Joomla with CloudFlare SSL

In recent years it has become best practice to encrypt your site using SSL. This used to be a complicated process but fortunately a lot of tools have popped up to help you with the process. The easiest and cheapest solution today is through CloudFlare’s SSL feature.

Why is SSL so important?

Every time you submit data to a website that is not using SSL, it is sent in plain text. This makes it very easy for anyone sitting in between your computer and the server to intercept your communication.

This is such an important issue that even Google has announced their ranking algorithm will favour SSL-enabled sites!

Set up CloudFlare

CloudFlare, a web security company and CDN provider, makes SSL easy. Since 2014 they have enabled SSL by default, for all customers including those on their free plan.

The process is very simple:

  1. Create an account on CloudFlare.
  2. Add the website you want to protect.
  3. Have a coffee as CloudFlare fetches your DNS records.
  4. Verify the DNS record and make sure nothing is missing!
  5. Complete the set up process.
  6. Head over to your registrar and change your name servers as provided by CloudFlare. (This can take a few hours!)

Once completed, go to the Crypto section and set SSL to Flexible:

Set SSL to Flexible.

Configure Joomla

All that remains is to configure Joomla. We need to instruct it to serve all pages and assets via SSL:

  1. Open up your Joomla administrator.
  2. Go to System » Global Configuration.
  3. Open the Server tab.
  4. Set the Force HTTPS option to Entire site.
  5. Browse to your website and test!

That’s it! You’ve taken an important step towards making the web browsing experience more secure and private for your users!