How to Use Let’s Encrypt with Cloudflare

Reading Time: 3 minutes

Cloudflare is an excellent and well-known content delivery network. A CDN can increase site speed by utilizing Cloudflare’s global caching network to deliver content closer to a visitor’s location. You can also easily attach Cloudflare as an add-on product to your existing Liquid Web server, but there are some configurations to consider.

In this article, we will be covering how to use Cloudflare in conjunction with Let’s Encrypt SSL. Cloudflare will act as the CDN while Let’s Encrypt performs the SSL (HTTPS) encryption (in lieu of Cloudflare’s Universal SSL). Let’s Encrypt is an amazing open-service for creating free SSL certs for your site and for this tutorial you should already have Let’s Encrypt installed on your server.  While there are correct ways to use Cloudflare with Let’s Encrypt there are also configuration settings that could cause connection errors to appear. So, it’s important to know which options to selecting when setting up these entities.

Step 1: First, you will need a Cloudflare account and will need to generate a Let’s Encrypt x3 cert on your server.

Note:
Our Managed WooCommerce and Managed WordPress plans will automatically generate a valid Let’s Encrypt SSL cert for your primary domain set in the manager when your site goes live or if you rename your primary domain in the manager.

If an incorrect SSL mode is selected in Cloudflare it will not load and instead will display an invalid SSL cert.  This is a common error and one that can be avoided to ensure that your customer’s have a positive and trusted experience with your site.

A key part is to make certain the correct SSL mode is set in Cloudflare since it offers a number of different SSL modes:

  • Off
  • Flexible SSL
  • Full SSL (Recommended Setting)
  • Full SSL (Strict)

Step 2: SSL Modes can be accessed from the Crypto section in the Cloudflare dashboard.

Now that you are in the settings of Crypto you will need to go through these specific settings in Cloudflare; these changes will take maybe 30 – 50 seconds to make.

Note:
When using Cloudflare, Cloudflare’s universal SSL is what browsers would see, unless you manually upload your own SSL certificate, which requires the $200/month business plan. Most customers will be fine with utilizing Cloudflare’s universal SSL.

Step 3: Select the domain you want to work with, then select “Crypto” top menu option in Cloudflare. Under SSL select – Full.  Scroll down to see Always use HTTPS and set it to ON.

Step 4: On the HTTP Strict Transport Security (HSTS) section select Enable HSTS

You will need to select the “I understand” checkbox and click on the Next button.

You will need to select the “I understand” checkbox and click on the Next button.

Step 5: A pop up box will appear, here you’ll set:

  • Max-Age: 3 months
  • Apply HSTS policy to subdomains (includeSubDomains): Off
  • Preload: Off

Now click Save

Step 6: Set to Minimum TLS Version to TLS 1.2

Step 7: Opportunistic Encryption: ON

Step 8: TLS 1.3: Enabled

Step 9: Automatic HTTPS Rewrites: On

Step 10: Disable Universal SSL by selecting this option you are no longer using Cloudflare Universal SSL certificate. You will only use SSLs stored in your server, in this case, Let’s Encrypt. Click “I understand” and select Confirm.

These simple changes made in Cloudflare, will help you to avoid any dreaded downtime when using Let’s Encrypt with Cloudflare. Meaning that your customer’s can fully trust that their data is securely transferred with HTTPS through Let’s Encrypt’s.

Still need help setting up Cloudflare and Let’s Encrypt on your server?  Reach out to us!  Our Liquid Web servers come with 24/7 assistance from our knowledgable support team.  Get the support you deserve today!

Resolving WooCommerce Plugin and Theme Issues

Reading Time: 2 minutes

What is WooCommerce?

WooCommerce is a plugin with regular updates releases, which means it will add new and existing features, along with resolving any bugs or known security vulnerabilities. WooCommerce is actively installed on over 4 million WordPress sites and is used to drive E-commerce on a pretty high number of those sites.

 

Testing for Plugin and Theme Issues

Continue reading “Resolving WooCommerce Plugin and Theme Issues”

Delete Posts and Comments from Action Scheduler

Reading Time: 2 minutes

The Action Scheduler is a background processing, queue job runner which is built into WooCommerce core. A number of plugins use the Action Scheduler, WooCommerce Subscriptions and WooCommerce Follow-Ups being two of the best known.

WP-CLI makes it easy to delete posts and comments which have been created by the Action Scheduler in WooCommerce. There may be cases where the Action Scheduler might create a large number of posts and comments on your live site, and you want to clear up the data from the site’s database.

 

Delete Comments from Action Scheduler

To delete comments created by the Action Scheduler, you can run this command:

wp comment list --field=comment_ID --'post_author'='ActionScheduler' --number=1000 | xargs wp comment delete --forceThe number can be increased if you have more comments that need to be deleted to 2000 or higher.

Delete Bulk Posts from Action Scheduler

To delete all of the scheduled-action posts, you can run this command:

wp post list --field=ID --post_type=scheduled-action --posts_per_page=1000 | xargs wp post delete --forceThe number can be increased if you have more posts that need to be deleted to say 2000 or higher.

Delete Scheduled Action Posts

To delete all of the scheduled-action posts with a post status of trash, you can run this command:

wp post list --field=ID --post_type=scheduled-action --posts_per_page=1000 --post_status=trash | xargs wp post delete --force

Delete Bulk Scheduled Actions

To delete all of the scheduled-action posts with a post status of cancel,  you can run this command:

wp post list --field=ID --post_type=scheduled-action --posts_per_page=1000 --post_status=cancel | xargs wp post delete --force

 

Using a mix of these commands, you will be able to delete posts and comments easily, using WP-CLI on your site. It will also keep your site database clean, allowing it to run more efficiently.  Take the work out of maintaining your WordPress site with our Managed WooCommerce product.  Our WooCommerce platform comes with free iThemes plugins curated especially for online stores.

8 WP-CLI Commands to Clean Up and Optimize your Site

Reading Time: 2 minutes

Want to clean up your WordPress site without having to add multiple plugins? By using WP-CLI, you can run many useful commands to helpfully clean up your database and elements related to your site. In this post, many of the most common tasks are covered:

Continue reading “8 WP-CLI Commands to Clean Up and Optimize your Site”

Rollback a Plugin or Theme Using WP-CLI

Reading Time: 2 minutes

WP-CLI makes it very easy to rollback plugins and themes as well as update plugins and themes on sites all from command line. This is useful if you see your site is broken by a newer version of the theme or plugin. In this article, we’ll be running through some valuable commands for rolling back your site.

If you need to rollback a plugin on a site to a previous version, you can find the previous version number from the development tab of the plugins listed on WordPress.org. To find the slug of the plugin, you will need to go to the WordPress.org plugins. In the case of Contact Form 7, the plugin slug is contact-form-7.

Note:
You can also find the plugin or theme slug by going to your WordPress files and typing in:
wp plugin list

wp theme list

Pre-flight

Rollback a Plugin to a Previous Version

If you need to test that the command is correct, you can always use the flag –dry-run at the end of the command:

wp plugin update contact-form-7 --version=5.0.5 --dry-run

In the following example, to rollback Contact Form 7, you can use this command:

wp plugin update contact-form-7 --version=5.0.5

 

Activate A Particular Version of a Plugin

If you need to install and activate a previous version of a plugin, run:

wp plugin install contact-form-7 --version=5.0.5 --activate --force

 

Update All Plugins

If the plugins you updated have been fixed and you now need to update all plugins, the example command is:

wp plugin update --all

Excluding A Plugin

If you want to update all plugins, but need to exclude a specific plugin (in this case WooCommerce), run command:

wp plugin update --all --exclude=woocommerce

 

Rollback a Theme to a Previous Version

If you did need to rollback a parent theme to a previous version, you could use this command example which would rollback the Storefront theme to version 2.4.0:

wp theme update storefront --version=2.4.0

 

Update Theme to Current Version Release

If you know wanted to update the Storefront theme on a site to the most current version, you could use this command example;

wp theme update storefront

 

Using a mix of these WP-CLI commands will enable you to easily rollback a plugin on your site, rollback a theme, or update all plugins. It will also update all plugins, but exclude a specific plugin from being updated.  Our Managed WordPress product comes with WP-CLI installed along with easy, automatic updates.  Check out how our Managed WordPress platform can streamline your work today!

What are Common Commands to Update WordPress Using WP-CLI?

Reading Time: 2 minutes

WP-CLI is a very handy set of commands. You can run anything that you would run in wp-admin on a WordPress site but from the command line. Useful commands which WP-CLI employs to keep WordPress core updated plugins including the default themes which come with WordPress.

Continue reading “What are Common Commands to Update WordPress Using WP-CLI?”