Free Cloudflare + Discourse


#1

Hello, I’ve got a doubt with the discussion from Force Discourse to use SSL/HTTPS through CloudFlare.

If I have cloudflare working in my domain with FLEXIBLE SSL option, do I have to config https for discourse docker such this topic says?

I have read many topics about cloudflare, but it is not clear to me.
Sorry for the inconvenience.


(Joshua Rosenfeld) #2

Yes you do. Read the last note in the OP of Force Discourse to use SSL/HTTPS through CloudFlare, as well as Matt’s 2 replies just after.

That said, you don’t necessarily need to follow Allowing SSL / HTTPS for your Discourse Docker setup. It’d be far easier (and free) to follow Setting up Let’s Encrypt. The first note in that topic may make the process even easier (depending on the age of your install).


#3

But… :thinking: for setup HTTPS for Docker, I must buy a SSL certificate?


(Joshua Rosenfeld) #4

No - Let’s Encrypt will provide you a free SSL certificate. Follow that guide, not the Discourse Docker one.


#5

One more thing, if my discourse forum is in one shared hosting., that let’s encrypt guide that you mention, must be apply in the hosting?

I mean, if I do not have access to the server, I could not make those changes, right?


#6

No you would need access to the server - you do for most things with discourse. Generally shared hosting does not work for discourse hosting unless the host specifically supports discourse hosting as you need to have access to rebuild your discourse container. If they do it may well be worthwhile speaking to them.


#7

All right. This is already taking shape.

If they told me that SSL has already been implemented, how can I verify that everything is OK?

Is there any way?

I tried with SSL Server Test (Powered by Qualys SSL Labs) but from the first moment that test gave OK for the flexible cloudflare.


(Bhanu Sharma) #8

Cloudflare flexible certificate proxies your origin IP’s port 80 and deploys it with ssl on port 443 using some sort of tunneling.

Their flexible system makes so that your site appears https to the visitors but it still is running http.

What you may need is to configure ssl in docker and then either set cloudflare ssl property to ‘full’ or simply disable cloudflare enhancement in dns properties page by clicking orange cloud to make it grey.