How to Use Let’s Encrypt with Cloudflare

Reading Time: 3 minutes

Cloudflare is an excellent and well-known content delivery network. A CDN can increase site speed by utilizing Cloudflare’s global caching network to deliver content closer to a visitor’s location. You can also easily attach Cloudflare as an add-on product to your existing Liquid Web server, but there are some configurations to consider.

In this article, we will be covering how to use Cloudflare in conjunction with Let’s Encrypt SSL. Cloudflare will act as the CDN while Let’s Encrypt performs the SSL (HTTPS) encryption (in lieu of Cloudflare’s Universal SSL). Let’s Encrypt is an amazing open-service for creating free SSL certs for your site and for this tutorial you should already have Let’s Encrypt installed on your server.  While there are correct ways to use Cloudflare with Let’s Encrypt there are also configuration settings that could cause connection errors to appear. So, it’s important to know which options to selecting when setting up these entities.

Step 1: First, you will need a Cloudflare account and will need to generate a Let’s Encrypt x3 cert on your server.

Note:
Our Managed WooCommerce and Managed WordPress plans will automatically generate a valid Let’s Encrypt SSL cert for your primary domain set in the manager when your site goes live or if you rename your primary domain in the manager.

If an incorrect SSL mode is selected in Cloudflare it will not load and instead will display an invalid SSL cert.  This is a common error and one that can be avoided to ensure that your customer’s have a positive and trusted experience with your site.

A key part is to make certain the correct SSL mode is set in Cloudflare since it offers a number of different SSL modes:

  • Off
  • Flexible SSL
  • Full SSL (Recommended Setting)
  • Full SSL (Strict)

Step 2: SSL Modes can be accessed from the Crypto section in the Cloudflare dashboard.

Now that you are in the settings of Crypto you will need to go through these specific settings in Cloudflare; these changes will take maybe 30 – 50 seconds to make.

Note:
When using Cloudflare, Cloudflare’s universal SSL is what browsers would see, unless you manually upload your own SSL certificate, which requires the $200/month business plan. Most customers will be fine with utilizing Cloudflare’s universal SSL.

Step 3: Select the domain you want to work with, then select “Crypto” top menu option in Cloudflare. Under SSL select – Full.  Scroll down to see Always use HTTPS and set it to ON.

Step 4: On the HTTP Strict Transport Security (HSTS) section select Enable HSTS

You will need to select the “I understand” checkbox and click on the Next button.

You will need to select the “I understand” checkbox and click on the Next button.

Step 5: A pop up box will appear, here you’ll set:

  • Max-Age: 3 months
  • Apply HSTS policy to subdomains (includeSubDomains): Off
  • Preload: Off

Now click Save

Step 6: Set to Minimum TLS Version to TLS 1.2

Step 7: Opportunistic Encryption: ON

Step 8: TLS 1.3: Enabled

Step 9: Automatic HTTPS Rewrites: On

Step 10: Disable Universal SSL by selecting this option you are no longer using Cloudflare Universal SSL certificate. You will only use SSLs stored in your server, in this case, Let’s Encrypt. Click “I understand” and select Confirm.

These simple changes made in Cloudflare, will help you to avoid any dreaded downtime when using Let’s Encrypt with Cloudflare. Meaning that your customer’s can fully trust that their data is securely transferred with HTTPS through Let’s Encrypt’s.

Still need help setting up Cloudflare and Let’s Encrypt on your server?  Reach out to us!  Our Liquid Web servers come with 24/7 assistance from our knowledgable support team.  Get the support you deserve today!

Creating a Virtual Environment for Python on Ubuntu 16.04

Reading Time: 2 minutes

Virtualenv is a tool that creates an isolated environment separate from other projects. In this instance we will be installing different Python versions, including their dependencies.  Creating a virtual environment allows us to work on a Python project without affecting other projects that also use Python. It will utilize Python’s core files on the global environment to run, thus saving you disk space while providing the freedom to use different Python version for separate apps.

Continue reading “Creating a Virtual Environment for Python on Ubuntu 16.04”

How to Install Python on Windows

Reading Time: 2 minutes

Python is a popular programming language for developing applications. The Python design philosophy emphasizes code readability and focuses on clear programming for both small and large-scale projects. Python allows you to run modules and full applications from a large library of resources (or even applications you write yourself) on your server. Python works on a number of popular operating systems, including Windows Server OS.

Continue reading “How to Install Python on Windows”

Create a Cron Task in Ubuntu 16.04

Reading Time: 3 minutes

Cron jobs are an incredibly useful Linux tool aimed at saving you time by scheduling tasks within your server. A programmed cron task will execute commands within a script by the minute, day, week or month. They can be scheduled to do many tasks including backing up your server’s files nightly, updating inventory orders in a database or even compressing files for migrating. Repetitive tasks become a cinch when incorporating a cron job. While there are numerous ways to run a cron task, we will be using the crontab option that is inherent within Ubuntu to set up a nightly backup of our website. Continue reading “Create a Cron Task in Ubuntu 16.04”

What is Power DNS?

Reading Time: 2 minutes

PowerDNS (pdns) is an open source authoritative DNS server that works as an alternative to traditional BIND (named) DNS. PowerDNS offers better performance and has minimal memory requirements. PowerDNS also works with many supporting backends ranging from simple zone files to complex database setups as well as various SQL platforms (Mysql, MariaDB, Oracle, PostgreSQL). Continue reading “What is Power DNS?”

VPS Server Space/Disk Quota

Reading Time: 5 minutes

The term “server space” refers to the amount of disk space that is available on your server’s hard disk drive. This space varies according to server type, hosting plan and possibly by additional services that are set up and available on your Liquid Web account. Continue reading “VPS Server Space/Disk Quota”

Cloud vs. Dedicated Hosting

Reading Time: 4 minutes

Cloud and dedicated servers are two types of hosting solutions that you will find across professional web hosting companies. Whether your a small business or a thriving enterprise the question remains, what is the difference between Cloud and Dedicating hosting and which one is the best solution for you? Continue reading “Cloud vs. Dedicated Hosting”

Configure Apache 2 to Control Browser Caching

Reading Time: 9 minutes

Today we are configuring browser caching control on common Apache 2 servers. Caching is a great tool to reduce server resource consumption, bandwidth utilization and provide a faster end-user experience to visitors. To get familiar with caching concepts, simply review our ‘What is Caching?’ tutorial. Continue reading “Configure Apache 2 to Control Browser Caching”

Creating Your First Cloud Product with Liquid Web Reseller Plugin

Reading Time: 5 minutes

In the previous few articles we installed the WHMCS plugin and configured it with the VPS API. This article will cover the fun part, actually using the plugin to create new cloud based products! We’ll go over the plugin’s “Product Setup Wizard”, which makes it easy to create new products based on our Cloud VPS, Cloud Dedicated VPS, and Private Cloud products. Continue reading “Creating Your First Cloud Product with Liquid Web Reseller Plugin”