If you have your own custom domain name with Stitch, this help guide will show you how to make it secure with a free SSL certificate, powered by Cloudflare.
A prerequisite for enabling SSL on a custom domain is to have a Stitch website with a custom domain configured.
First, the basics…
- Domain names aren’t provided by Zibbet. You will need to purchase one from a domain name provider, if you don’t have one already.
- Making your site available in https (SSL) means it’s more secure for your users.
- Zibbet doesn’t directly offer the ability to use https, but the below guide will allow you to use Cloudflare to provide this functionality. It's also free!
- Having a https enabled site will increase your rankings in Google's search results.
Enabling "https" through Cloudflare will require Cloudflare to host your DNS. Cloudflare is currently trusted by over 20 Million websites. The below guide will step you through transitioning your DNS over to Cloudflare.
To enable https for your Stitch custom domain go to https://www.cloudflare.com/ and click “Sign Up” in the top-right corner.
Enter the name of your custom domain. Leave out the "www" at the front for now.
Next, we need to choose a Cloudflare plan. To enable basic https we are able to use the “Free” plan. Click on it and then “Confirm plan”.
Cloudflare will detect your current DNS records and replicate them. Confirm they look as expected and click “Continue”.
Follow the steps provided by Cloudflare to point your domain to Cloudflare DNS servers.
This step is critical. If done incorrectly you can cause an outage of your site. Double check details in this step.
Now that your site is going through Cloudflare, go to "SSL/TLS" in the top navigation bar. Select “Flexible” in the SSL options available. This will enable https between the browser and Cloudflare.
Let's test https is working correctly...
In a new browser tab, go to your custom domain on https. For example, our domain is zibbetmerch.com, so we go to https://www.zibbetmerch.com
You should see a lock with a valid certificate near the start of the address bar. Click on it.
The final step is to redirect all http (non-secure) to https (secure) with a page rule in Cloudflare. This step is recommended, but optional.
Click "Page Rules" in the top navigation bar.
Click “Create Page Rule”
In the section “If the URL matches” enter your custom domain (with the "www"), with a /* at the end.
For example, our domain is zibbetmerch.com, so we entered http://www.zibbetmerch.com/*
Under “Then the settings are” click “Add a Setting” and under “Pick a setting” click “Forwarding URL”.
For “Select a status”, select “301 - Permanent Redirect”.
In the “Enter destination URL” enter "https://" followed by your domain (with the "www").
For example, our domain is zibbetmerch.com, so we entered https://www.zibbetmerch.com/
Click “Save and Deploy”.
That’s it. You’re done!
If you have any questions at all, please contact us.