SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. If you do not have the SSL certificate, a secure connection cannot be established. SSL Certificates are typically installed on pages that require end-users to submit sensitive information over the Internet like credit card details or passwords. Example pages include payment pages, online forms and login pages. However, in 2017 Google and other search engines began flagging all websites as “Not Secure” if they do not have an SSL Certificate. Having this flag may cause leery visitors to your website to stay away out of fear that your site is not safe.
Therefore, DigiPro Media will be creating an account for your agency with Cloudflare so that every website created will be secure. All DigiPro Media websites must be secured with an SSL and will need to be placed within this account.
The below instructions will walk you through pushing a website live and applying an SSL.
- Log into the domain’s registrar account. Modify the A record to point to “@” (not the domain name) and to the IP address 22.214.171.124. We highly recommend taking a screenshot of the DNS records for reference later. (Recommend using Snagit)
- Log into the Cloudflare account provided to you by the DigiPro Media MIS Team.
- Click “Add a Site”
- Follow the directions to add the domain.
- Return to the registrar account and change the Name Servers as part of the Cloudflare directions. Note: Each Cloudflare account will provide 2 specific nameservers, i.e., Vern.ns.cloudflare.com
- Return to the Cloudflare account and ensure that the DNS records match those copied from earlier.
- Log into the DG Console and do an organization search for the organization (or Org ID) associated with the domain.
- Click “Options” next to the correct org and then select “Map Domains”. Add the correct domain (the www version will be added automatically).
- Test the site in a browser. Be sure to test both the apex and the www versions. Also test the HTTPS versions of both. The HTTPS version may take some time to propagate before working. Once the HTTPS versions are working, return to the Cloudflare account.
- Click on the SSL/TLS Icon: Ensure that the SSL is set to “Full”
- Locate the subcategories under “SSL/TLS” and click on “Edge Certificates.” Then Enable “Always Use HTTPS” to ON
- Return to the DG Console and back to the correct Org. Click the “Index” button to add a checkmark.
- Then navigate back to “Map Domains” to set a default domain. If the client had an existing site, do a Google search to determine which version of the domain was indexed – either APEX or WWW. Whichever version was indexed before is the one that should be set as default.
- Test all versions of the domain in a browser once again to make sure that they all default to the HTTPS version of the default domain.
- Return to the DG Console and back to the correct Org. Click Options > Business Profile. Here you will want to enter the “Go Live” date.
- If there are any secondary or sub domains that will be redirecting to the primary website, change the A record and CNAME in those registrar accounts to match the records in step 1. Also add all subdomains to the “Map Domains” of the DG Console. You do not need to add these domains in Cloudflare as they are redirecting to the secure, primary domain.