Cloudflare allows you to use SSL (there are varying levels). In order to get this running, here are the basic steps that I performed to enable SSL with Cloudflare and WordPress the first time. Edits to this post will happen if other issues arise in subsequent attempts.
Enable SSL in Cloudflare
– Under the settings summary there is a security section with SSL listed. This is liekly set to Flexible. There are different types, but we will use Flexible.
– Create a PageRule in your CloudFlare PageRule settings to force https:// with a format of *yourdomain.com* (keep the asterisks! eg: http://*conceptclarity.ca* ). Make sure the “Always use https://“ toggle is switched to on.
WordPress Set up
– Install Cloudflare plugin
– Install SSL Insecure Content Fixer, play with settings until no mixed content warnings appear. *On the second site I did I had to change the HTTPS detection setting to get the green checkmark
Fixing a redirect issue, and also Visual Composer loading over http:// – add this to wp-config.php: (from https://wordpress.org/support/topic/load-tinymce-assets-over-ssl)
define('FORCE_SSL_ADMIN', true);
// in some setups HTTP_X_FORWARDED_PROTO might contain
// a comma-separated list e.g. http,https
// so check for https existence
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
$_SERVER['HTTPS']='on';