Configuring Jetpack to work with CloudFlare

Cloudflare is a service that provides content distribution, caching and protection for your website. Jetpack is a WordPress plugin that provides statistics, search engine optimization, social sharing, protection, backups, security and many other options. To provide these services, Jetpack must pass data through the xmlrpc.php file. Normally, CloudFlare is compatible with WordPress and does not require additional configuration in order to use the plugin. CloudFlare provides a rule that blocks non-authorized access to the file. However, there are times when some additional configuration is required in order for the WordPress Administrator to function properly.

Making a Pagerule for the WordPress Administrator

Changes will be made in CloudFlare’s dashboard. Basically, you will be creating a rule that allows for the WordPress dashboard to be excluded from CloudFlare.

  1. Log in to the CloudFlare dashboard and select the site that you wish to apply the rule to
  2. Click on Page Rules
  3. Select Add New Rule
  4. In field labeled “If the URL matches:”, type in the URL that you use to access your WordPress Administrator Dashboard. Typically, it is in this format: Site-name.com/wp-admin
  5. In the settings for the site check to make sure that:

    -Security is disabled
    -Cache level is set to “Bypass”
    -Apps are disabled
    -Performance is disabled
  6. Click on Save and Deploy

Configuring CloudFlare when using a SSL Certificates on your WordPress site

If you are hosting with InMotion Hosting, it is possible that you have enabled either a purchased SSL certificate or a free SSL certificate for your WordPress site. If you do this, then you will need to configure CloudFlare to take this change into account. Follow the steps below to set the PageRule for a certificate from WordPress:

  1. Log in to the CloudFlare dashboard and select the site that you wish to apply the rule to
  2. Click on Page Rules
  3. Select Add New Rule
  4. In field labeled “If the URL matches:”, type in the URL that you use to access your WordPress Administrator Dashboard. Typically, it is in this format: Site-name.com/wp-admin
  5. Select the option labeled “Always Use HTTPS”
  6. Click on Save and Deploy to apply your new Pagerule

Editing the WP-CONFIG.PHP file and Changing the WordPress URLs to use HTTPS

When you have the rule set, you will also need to edit the WP-CONFIG.PHP file for your WordPress installation. You will also need to go into your WordPress Settings and make changes to the Site and WordPress address.

In order to make changes to the WP-CONFIG.PHP, you will need access to your WordPress installation files. To learn more about editing a file using cPanel or FTP, please see How to Edit a File on My Server.

  1. You will need to enable access to your Administrator Dashboard over SSL using port 443 by adding the following code:

    /** * Admin over SSL and set port 443 */ define('FORCE_SSL_ADMIN', true); $_SERVER['SERVER_PORT'] = 443;

    Make sure that you save the changes after you have edited your file.

  2. Login to your WordPress Administrator dashboard as an administrator
  3. Click on Settings
  4. Click on General
  5. Change the addresses for both the Site and WordPress URLs. Change the “HTTP” to “HTTPS”.

Using CloudFlare’s SSL Certificate

If you are using CloudFlare’s SSL certificate, then you will need to configure CloudFlare and load some plugins. Follow the steps below to configure your CloudFlare site to specifically use the CloudFlare SSL certificate.

  1. Log in into your CloudFlare dashboard
  2. Go to the Crypto menu to enable one of the Cloudflare’s SSL options. The option should be Encrypt communication to and from your website using SSL.
  3. You will need to wait for option to be available on your site. Once the option is active, install the CloudFlare plugin.
  4. After you have completed installing the CloudFlare plugin, install the Cloudflare Flexible SSL.
  5. You will need to enable access to your Administrator Dashboard over SSL using port 443 by adding the following code:

    /** * Admin over SSL and set port 443 */ define('FORCE_SSL_ADMIN', true); $_SERVER['SERVER_PORT'] = 443;

    Make sure that you save the changes after you have edited your file.

  6. Login to your WordPress Administrator dashboard as an administrator
  7. Click on Settings
  8. Click on General
  9. Change the addresses for both the Site and WordPress URLs. Change the “HTTP” to “HTTPS”.

Leave a Reply