How to use CloudFlare’s platform to force all traffic over HTTPS connection using page rules.
This is an up to date and user-friendly (fool-proof) way that I use each time and it works perfectly.
Sign up to CloudFlare here - they offer SSL/HTTPS on their Free plan, so that will be just fine for us.
Add your site here - the system will scan for DNS records, make sure all are correct and add any records not picked automatically by the scan i.e. MX records.
You will the have to add the CloudFlare nameservers to your domain. This can be done with whoever your purchased your domain with on their control panel - differs for each provider - some examples:
Once your nameservers have been successfully edited (you can check this by opening a terminal and issuing the command:
whois yourdomain.com) towards the bottom of the output you should see CloudFlare’s nameservers:
Name Server: LARA.NS.CLOUDFLARE.COM
Name Server: GABE.NS.CLOUDFLARE.COM
Now we can head back to our CloudFlare control panel for your new site:
Click on the page rules section from the icon menu. Click on create page rule and fill in as follows:
Enter your domain i the format as in image above:
http://*yourdomain.com/* this will force all sub-domains (the * before the domain) and sub-directories (the * after the domain) to use HTTPS.
Click on “add setting” and choose “Always use HTTPS” from the drop down menu. For “Order” yo can leave as “First”.
Click on “Save and Deploy”.
The setting may take up to 15 minutes to take effect, but then all your traffic should re-direct to https://yourdomain.com .
In order to maintain full HTTPS (green padlock) you will need to go to Discourse settings (/admin/site_settings/category/required) and search for all settings containing
http://..../.... and change the links to
You can check SSL status at: SSL Server Test (Powered by Qualys SSL Labs) :
As noted by @mpalmer below:
… In order for the connection between Cloudflare and your origin to be similarly secure as the connection between the browser and Cloudflare, you need to setup SSL on the origin server, too.
For setting up SSL on your server: