Webmaster Security

Free Wildcard SSL Using Forge + Cloudflare

Submitted by B─░GSTAR-TR, , Thread ID: 46580

Thread Closed
11-09-2017, 01:02 AM
This post was last modified: 11-09-2017, 01:05 AM by B─░GSTAR-TR
#1
Securing sites with SSL used to be a headache. However, in the last few years it has become infinitely easier (and cheaper) to secure your site.Forgehas always had support for easily installing SSL certificates, and even offers integration with LetsEncrypt to install free SSL certificates.
However, I personally prefer to useCloudflare, another service that offers free SSL certificates, as well as a variety of other free and paid services that are useful for web developers. I prefer Cloudflare because:
  • Cloudflare doesnt require any renewal process to ever run on my server. LetsEncrypt renewals must run on my server at least every 3 months and thats just one more thing that sometimes can (and does) go wrong.

  • Cloudflare supports wildcard sub-domains.
Creating TheSite
First, create a site with your desired domain inLaravel Forge:

[Image: 1*rFrX8-25YQDBd7plsGR_mA.png]

This will create the proper Nginx configuration needed to serve this site as well as place a standard PHP information page in the sites directory. Once the site has been created, you can install a Git repository:

[Image: 1*XWce7-BkDGuxsJvd_0w7oQ.png]

Once the repository is installed, its time to configure Cloudflare.
Configuring Cloudflare
Of course, before continuing you will need a Cloudflare account and a domain name you want to manage on Cloudflare. In addition to managing your SSL, Cloudflare will also be the place you manage the DNS records for your site, so you will need to point your domains nameserver records to point at Cloudflares nameservers:

[Image: 1*feJVTeZaA3rrDUIdF7BCFw.png]

Once you have done this, add A records for your domain in Cloudflares DNS manager. The A records should point to your Forge servers IP address. For this example, I am going to add a root A entry as well as an entry for the ?www subdomain:

[Image: 1*x0hToZR2mes7z__FokSQeg.png]

Once the DNS has been configured, you may enable SSL on the Cloudflares ?Crypto tab. First, lets set the SSL option to ?Flexible:

[Image: 1*UeTh8ruOm7EB4zrdUScHew.png]

Once the certificate is active, you should be able to navigate to your domain and see a green lock in your browser indicating the request was secured. Great! Next, lets talk about a few caveats and things you should know.
Configuring Full Encryption
Cloudflares ?flexible SSL mode will get you a green lock in your browser; however, traffic between Cloudflare and your server is still unencrypted. The only encrypted part of the request is the segment between your users browser and Cloudflares servers. In order to encrypt the entire request cycle we can use Cloudflares ?Full encryption mode.
First, click the ?Create Certificate button in the ?Origin Certificates section of Cloudflares ?Crypto tab. The default options on the resulting modal window should be sufficient:

[Image: 1*eoEQx0l_U7jy60nnsuzM4g.png]

After clicking ?Next, you will be presented two large text blocks: one for the private key and one for the certificate. Copy both of these text blocks and head back over to Forge.
In Forge, we will install this certificate and key using the ?Install Existing Certificate option under the ?SSL tab of Forges site management panel:

[Image: 1*oz7_58AKUvxn-G4pi4GR9A.png]

Once the certificate is installed and activated in Laravel Forge, you should activate the ?Full SSL mode on Cloudflares ?Crypto tab:

[Image: 1*onGVNJLwe_IvRIzlCqdrNw.png]

Now your requests are fully encrypted all the way to your server! Origin certificates generated by Cloudflare are valid for 15 years, and may easily be re-issued via the Cloudflare dashboard.

RE: Free Wildcard SSL Using Forge + Cloudflare

#2
Thank you very much about your post. I very like. This is post very good.

RE: Free Wildcard SSL Using Forge + Cloudflare

#3
How can i get this in my shared hosting and do i can make own firewall stylee

RE: Free Wildcard SSL Using Forge + Cloudflare

#4
How exactly do you make it so it actually is free, i have to provide payment details to get into it.
Aoki|Faded|Zenith|Senpai|Aurora|A|Prince All the people i love <3

RE: Free Wildcard SSL Using Forge + Cloudflare

#5
11-09-2017, 01:02 AM
BGSTAR-TR Wrote:
Securing sites with SSL used to be a headache. However, in the last few years it has become infinitely easier (and cheaper) to secure your site.Forgehas always had support for easily installing SSL certificates, and even offers integration with LetsEncrypt to install free SSL certificates.
However, I personally prefer to useCloudflare, another service that offers free SSL certificates, as well as a variety of other free and paid services that are useful for web developers. I prefer Cloudflare because:
  • Cloudflare doesnt require any renewal process to ever run on my server. LetsEncrypt renewals must run on my server at least every 3 months and thats just one more thing that sometimes can (and does) go wrong.

  • Cloudflare supports wildcard sub-domains.
Creating TheSite
First, create a site with your desired domain inLaravel Forge:

[Image: 1*rFrX8-25YQDBd7plsGR_mA.png]

This will create the proper Nginx configuration needed to serve this site as well as place a standard PHP information page in the sites directory. Once the site has been created, you can install a Git repository:

[Image: 1*XWce7-BkDGuxsJvd_0w7oQ.png]

Once the repository is installed, its time to configure Cloudflare.
Configuring Cloudflare
Of course, before continuing you will need a Cloudflare account and a domain name you want to manage on Cloudflare. In addition to managing your SSL, Cloudflare will also be the place you manage the DNS records for your site, so you will need to point your domains nameserver records to point at Cloudflares nameservers:

[Image: 1*feJVTeZaA3rrDUIdF7BCFw.png]

Once you have done this, add A records for your domain in Cloudflares DNS manager. The A records should point to your Forge servers IP address. For this example, I am going to add a root A entry as well as an entry for the ?www subdomain:

[Image: 1*x0hToZR2mes7z__FokSQeg.png]

Once the DNS has been configured, you may enable SSL on the Cloudflares ?Crypto tab. First, lets set the SSL option to ?Flexible:

[Image: 1*UeTh8ruOm7EB4zrdUScHew.png]

Once the certificate is active, you should be able to navigate to your domain and see a green lock in your browser indicating the request was secured. Great! Next, lets talk about a few caveats and things you should know.
Configuring Full Encryption
Cloudflares ?flexible SSL mode will get you a green lock in your browser; however, traffic between Cloudflare and your server is still unencrypted. The only encrypted part of the request is the segment between your users browser and Cloudflares servers. In order to encrypt the entire request cycle we can use Cloudflares ?Full encryption mode.
First, click the ?Create Certificate button in the ?Origin Certificates section of Cloudflares ?Crypto tab. The default options on the resulting modal window should be sufficient:

[Image: 1*eoEQx0l_U7jy60nnsuzM4g.png]

After clicking ?Next, you will be presented two large text blocks: one for the private key and one for the certificate. Copy both of these text blocks and head back over to Forge.
In Forge, we will install this certificate and key using the ?Install Existing Certificate option under the ?SSL tab of Forges site management panel:

[Image: 1*oz7_58AKUvxn-G4pi4GR9A.png]

Once the certificate is installed and activated in Laravel Forge, you should activate the ?Full SSL mode on Cloudflares ?Crypto tab:

[Image: 1*onGVNJLwe_IvRIzlCqdrNw.png]

Now your requests are fully encrypted all the way to your server! Origin certificates generated by Cloudflare are valid for 15 years, and may easily be re-issued via the Cloudflare dashboard.
Thank you very much

RE: Free Wildcard SSL Using Forge + Cloudflare

#6
Wow... Thank for you shared information... usefull for me...

RE: Free Wildcard SSL Using Forge + Cloudflare

#7
Hey, whats the difference between a wildcard ssl and a flexible ssl?

RE: Free Wildcard SSL Using Forge + Cloudflare

#8
Great post thank you for sharing something like this to us

RE: Free Wildcard SSL Using Forge + Cloudflare

#9
So because the creator of this thread is banned I think we can close it because it isnt working xD

RE: Free Wildcard SSL Using Forge + Cloudflare

#10
Thank man for this great article shared. but does this work on VPS Hosting?

Users browsing this thread: 5 Guest(s)