Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Easy SSL Support for Your Jekyll Blog With CloudFlare

DZone's Guide to

Easy SSL Support for Your Jekyll Blog With CloudFlare

In this quick tutorial, we'll go over the importance of using SSL, even if you just have a tiny site, and how to easily implement it using CloudFlare.

· Web Dev Zone ·
Free Resource

Deploying code to production can be filled with uncertainty. Reduce the risks, and deploy earlier and more often. Download this free guide to learn more. Brought to you in partnership with Rollbar.

It's 2017 and if you didn't switch to a secure SSL connection yet, it's definitely time to do so. This has been on my to-do list for a while already and now that I know how easy it is, I definitely should have done it before!

Every site should definitely make use of a secure connection, even if you only have a static website or blog. Besides other advantages, there’s a simple thing that should be enough of a motivation for you to go SSL: Google will start to penalize websites in their search results that are not using a secure SSL connection. Convinced?

After all, it’s an easy task and completely free thanks to CloudFlare!

Activate SSL With CloudFlare for Free!

CloudFlare is an amazing service. Already years ago, they actually introduced a new concept called “universal SSL” - included in their free plan - which allows you to benefit from an SSL connection using a shared certificate.

Here’s an awesome article that guides through the various steps.

You basically add a new site to CloudFlare by entering your existing URL. As a consequence, CloudFlare then scans for the accompanying DNS configuration and copies them over. After that, simply point to those DNS servers on your domain provider’s admin panel.

Enable Redirects With CloudFlare Page Rules

An important part is that you set up proper redirects from your http:// URLs to the new https:// endpoints.

The redirect rule should look like this:


Remove Any “Mixed Content”

You will get a warning if your website loads “mixed content” which is when you embed external http:// based resources within your SSL secured https site. So make sure to update all embeds of external resources (scripts, css,…).

...
<!-- option 1 -->
<script src="//somedomain.com/..."></script>

<!-- option 2 -->
<script src="https://somedomain.com/..."></script>

By the way, an easy way to check is to use Chrome. It’ll warn you if you have mixed content on your page.

Migrate Disqus Comments

Finally, if you happen to use Disqus as your external comment service, make sure you adjust the callback URL in the Disqus script and finally also migrate the existing Disqus comments over to your new a HTTPS URL. This can be done easily through the Disqus admin panel:

Conclusion

This is definitely a no-brainer. CloudFlare makes it really easy to get set up and running. Moreover, you won’t only benefit from the free SSL support, but they add a lot of other optimizations on top which will make your site even blazingly fast!

It’s easy and done in minutes. So go for it!

Deploying code to production can be filled with uncertainty. Reduce the risks, and deploy earlier and more often. Download this free guide to learn more. Brought to you in partnership with Rollbar.

Topics:
web dev ,cloudflare ,ssl

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}