Free SSL on a non-SSL Hoster without root access (e.g. for WordPress)

For e.g. I use a free hoster like bplaced.net for many years now,

there are many hosters who does not provide a ssl certificat,

if you have a kvm or cloud server it’s easy to setup with let’s encrypt and certbot so i do not understand why they don’t, since this year let’s encrypt also provide ssl cert with domain wildcards.

if you don’t have root access and use a free hoster we can use a trick with cloudflare.

Register on Cloudflare

goto Crypto

change settings:
SSL FLEXIBLE
Always Use HTTPS ON
Automatic HTTPS Rewrites ON

add to your “wp-config.php” or “index.php” the following code inside php tags:

/** SSL */
define(‘FORCE_SSL_ADMIN’, true);
// in some setups HTTP_X_FORWARDED_PROTO might contain
// a comma-separated list e.g. http,https
// so check for https existence
if (strpos($_SERVER[‘HTTP_X_FORWARDED_PROTO’], ‘https’) !== false)
$_SERVER[‘HTTPS’]=’on’;

?>

go to your wordpress admin panel
https:///wp/wp-admin/options-general.php

Change: WordPress-Adresse (URL) and Website-Adresse (URL)
to https:// instead of http://

Test: https://www.jitbit.com/sslcheck/

Leave a Reply

Your email address will not be published.