What is HTTPS?
Why do I think you need it? Just think of the situation like this:
But I don’t sell or collect anything on my blog. What’s this all about then?
While there is a built-in HTTPS feature (in Settings>Basic), it only works for blogs using the blogspot.com addresses. If you’re using a custom domain name on your blog, but would like to implement HTTPS/SSL, I’ll show you how it is done. First off, for the benefit of those who are not using HTTPS yet for their Blogger/Blogspot blogs, you can turn SSL on by following these steps:
- Log in to your Blogger account and go to Settings>Basic on the sidebar panel.
- Scroll to the “HTTPS (HTTPS Redirect)” section, click the drop-down, and select “Yes“.
For Blogger blogs using custom domains, follow these steps:
- Your domain registrar’s DNS panel
- CloudFlare account
Steps: Adding Your Domain to CloudFlare
1. Login to your CloudFlare account and add your domain to it.
3. The DNS records that you have previously set up in your domain registrar panel would be “imported” over to CloudFlare.
4. Make sure that the DNS records that connect your domain to your blog are activated via CloudFlare’s CDN (Content Delivery Network) — read: orange cloud. Click the cloud to turn the CDN on. In my domain’s case, I only have the “www” CNAME pointing to Google’s server for Blogger, and the root is using the registrar”s default IP.
Note: The cloud/CDN needs to be enabled so the traffic would pass through CloudFlare’s servers, and the SSL to be applied.
5. On the next screen, tick the “Free Website” radio button and hit “Continue”. —
While on a self-hosted blog such as WordPress sites, it requires the website owner to purchase, sign, and upload the SSL certificate into the hosting provider’s servers; this functionality is not available with Blogger so we’re using the free SSL solution from CloudFlare which does not require signing and uploading to servers.
6. Copy the nameservers provided by CloudFlare and change your domain’s current nameservers to CloudFlare’s. Note: Please be cautious about changing nameservers; if you have custom domain emails, the emails may stop working until the new nameservers are fully set up.
Activating SSL in CloudFlare
2. Go to the “Page Rules” at the top menu, then click the “Create Page Rule” button. A dialog box will come up, where you’ll set the rule up. In the URL field, type in your domain in this form: http://www.yourdomain.com/*.
On the “Pick a setting” drop-down menu, select “Always Use HTTPS”. Then click the “Save and Deploy” button.
3. Awesome! You’re all set. All you need to do now is wait for the new settings to fully take effect (could last up to 48 hours). During this period, you may experience security errors when you try to access your blog using https as the SSL and DNS setting are saving in multiple locations across the globe (WTH am I saying? hahaha). Just, wait and be patient.
*Clearing your browser’s cache and cookies could also do the trick. Good luck and cheers to a secure (and hopefully, high-ranking) blog!
Note: I tried this on Tumblr (yeah, like it’s not enough having just one blog), but it looks like Tumblr has it’s own CDN so it conflicts with that of CloudFlare’s. Thus, error messages show up and CloudFlare SSL doen’t work at all.
Send in any feedback about the setup if you have any!