- Last post
- 7 Responses
hey im using a hosting company that has insane ssl fees. i believe i can use cloudflare for ssl and wondered what the mechanism is as i dont want to give my domain over to them etc
plus any tips for migrating to ssl with wordpress?
Basic SSL is free these days. See: https://letsencrypt.org/ That keeps the connection between you and your client secure. Anyone charging for that is ripping you off. What you will pay for though is a higher level of SSL which proves that you are who you say you are - this requires background checks on your company etc. It means that clients will be able to see that the website is in fact owned by Trooperbill co. Most of the time you don't need this though and can use the basic, free SSL.
I've not used Cloudflare, but I would imagine you would have to point your domains to them.
You should setup some things on the webserver side (Apache / Niginx) to make it secure, but the WP software just works.
As Wordpress I would just migrate the site to WP Engine who include free SSL mentioned above in a one click set up.
They also have a migration tool that moves the site over easily for you if you don't feel happy doing ti manually.
The only time you really need something other than LetsEncrypt SSL is when you're trying to implement PCI compliance where domain-based validation isn't adequate.
A free Let's Encrypt Generator
- "Let's Encrypt certificate is valid for 90 days. You can get a paid SSL for about $9 and it's valid for a year."ideaist
- ^ true. It does get annoying having to renew every 90 daysdbloc
- They do have certbots that automatically renew but haven't figure this out yetdbloc
- ^ Samesies; 1-2 is fine every 3 months BUT 10+ clients it becomes mundane...ideaist
good certbot tut.uan
- it's easier to setup Certbot to auto renew and never have to fuck with again then trying to buy and install a new cert every yearspot13
- Thanks @uan I'll give that a trydbloc
- +1 on certbot. I use it and never think about it.section_014