Blog

How to get free SSL for your SquareSpace website with CloudFlare

I noticed that many people struggle with setting up CloudFlare and SSL for their SquareSpace site, so here's our offer - let us do the setup for you for a flat fee of just $49!

Click here and fill out the form and we'll get in touch with you soon after!

I recently set up SSL for one of my websites which runs on SquareSpace and was amazed by how fast and straightforward it was using CloudFlare - not to mention that it's completely free! Since the only information I could find on this topic is an entry on the SquareSpace help site with some outdated information, I thought I'd document the necessary steps here.

Buckle up!

Step one - sign up to CloudFlare

Pretty obvious, eh? Go ahead and sign up, it's free!

Step two - add your domain to CloudFlare

Don't worry, this won't have any effect on your site yet. You can add your domain to CloudFlare and configure it there, but only when you change the name servers of your domain to point to CloudFlare, your configuration will come into effect.

So go ahead and add your domain. CloudFlare will automatically detect all your DNS records. This is how the configuration looks like for the domain I added:

How to get free SSL for your SquareSpace website with CloudFlare

Ignore the grayed out entries, the important one is the one in the red box. It basically says that www.yourdomain.com should point to ext-cust.squarespace.com. Make sure the cloud symbol in the "Active" column is enabled (orange) for this entry.

Important: to make this work, www.yourdomain.com must be linked to your SquareSpace website. Here are the instructions on how to do that.

The entry in the green box makes your "naked domain" (yourdomain.com) forward to your www subdomain. Check out my previous post on how this works and why it is a good idea.

After setting up and confirming your DNS records, simply choose the free plan and leave all other settings on the default values. When you come to the screen where you're asked to change the name servers, skip it by clicking on "Websites" in the top navigation. This gives you the chance to finish the rest of the configuration before changing your name servers.

Step three - enable SSL

Click on "CloudFlare settings" next to your domain to configure SSL. CloudFlare offers three SSL configuration options:

  • Flexible SSL - the connection between the user and the CloudFlare server is encrypted but CloudFlare connects to your SquareSpace website via HTTP (non-secure)

  • Full SSL - like Flexible SSL, but CloudFlare also connects to your SquareSpace website via HTTPs (secure)

  • Full SSL (Strict) - like Full SSL, but CloudFlare expects a valid SSL certificate on your SquareSpace website

How to get free SSL for your SquareSpace website with CloudFlare

Flexible SSL is great if you have a website or web app that does not work on HTTPS, because it lets your users access it via HTTPS without you having to touch it.

Since SquareSpace has HTTPS for all *.squarespace.com sites enabled by default (check this by navigating to https://yoursite.squarespace.com and verify that it works), we should choose Full SSL here. (Full SSL (Strict) would require a SSL certificate specifically for yoursite.squarespace.com, not *.squarespace.com).

Step four - change name servers

Now it's time to actually change the name servers of your domain to point to CloudFlare. Go back to the list of your websites and click on "Continue setup >" next to your SquareSpace domain. This will bring you to the screen that prompts you to change the name servers.

To change your name servers, you have to log in to your domain registrar or DNS management service. Google the name of your registrar and "change name servers" if you're unsure how to do so.

Step five - always use HTTPS

Now we should configure CloudFlare to always use HTTPS, i.e. forward all HTTP requests to HTTPS. This makes sure that all users access your site via HTTPS.

To always use HTTPS, create a "Page rule" for your domain:

How to get free SSL for your SquareSpace website with CloudFlare

Enter yourdomain.com/* (with your actual domain of course) as the URL pattern, enable "Always use https", and click "Add rule"

Important: you need to have changed your name servers first, otherwise the "always use https" option doesn't show up. If you don't see it and just changed your name servers, give it some time (1-2 hours) and try again.

That's it!

Now, http://www.yourdomain.com should forward to https://www.yourdomain.com, and all subpages, too.

Enjoy your safe and encrypted SquareSpace site! :)

Discuss this post on Hacker News

Ideas? Constructive criticism? Think I'm stupid? Let me know in the comments!