Products

Solutions

Resources

Partners

Community

About

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

The Community Blog is a personal opinion of community members and by no means the official standpoint of DNN Corp or DNN Platform. This is a place to express personal thoughts about DNNPlatform, the community and its ecosystem. Do you have useful information that you would like to share with the DNN Community in a featured article or blog? If so, please contact .

The use of the Community Blog is covered by our Community Blog Guidelines - please read before commenting or posting.


CloudFlare for DNN

I was helping my friend Clint Patterson deploy a new DNN website and recommended that we enforce HTTPS even though for the small website he really didn’t need it. With the ease of tools such as CloudFlare it is really easy to set up and enforce https which not only makes your site secure but makes your users feel comfortable with the lock icon displaying in the browser.

Why CloudFlare?

Pros Cons
Free SSL Certificate You need to use CloudFlare as your nameserver
Free CDN just by signing up You have to use CloudFlare to configure your DNS Records
Free Static Content minification You have to get over CloudBleed
Built in advanced Cryptography features  
DNN Performance Increase  
Search Engine Optimization  

 

This isn’t a complete list but some things to start thinking about

I try to configure all of my websites with cloudflare because the SSL support and CDN are both huge and the performance increase is apparent after the switch for DNN websites.

CloudFlare Pre-Reqs

While there is no real Pre-Reqs to get started with cloudflare I have a small checklist I go through that simplifies issues that may arise.

Does my website do any of the following

  • Serve any HTTP routes?
  • Reference external routes or libraries such as a javascript library that are linked over HTTP
  • Serve any images that are external links over HTTP
  • Do anything of HTTP

There is a trend here on my checklist:

  • “Does my website do anything over HTTP or unsecured traffic?”

If you answered yes to any of these questions, go ahead and fix all of them before moving on. If you do not you will run into issues with your CloudFlare configuration on most popular browsers which will return a Mixed Content Error

Mixed Content Errors

What is a Mixted Content Error?

This is a fancy word that your website was connected via https and is secure but links on your website such as images, anchors or static content were served unencrypted over http. You should fix this now and not have to deal with it later.

Configure CloudFlare

Start off by going to CloudFlare and creating a free account. Once you are done creating your account we are ready to add your site:

  1. Click + Add Site in the navigation bar
  2. Enter the name of your site

CloudFlare will now query your DNS records to make your transition as simple as possible. This means it will try and determine all of your DNS records so you don’t need to enter them.

Before you continue I suggest you have all of your records backed up just in case something goes wrong. It’ll also be handy if not all of your records are copied over.

  1. Make sure you select the FREE Plan unless you need something a little bit more powerful
  2. The next screen shows all of your DNS records, you can add new ones if you want. We can always change this later
  3. Update your nameservers: This will vary depending on your domain registrar, but copy the nameservers provided by the cloudflare setup

That’s IT!

Really, that is all you need to do to setup CloudFlare and all of your traffic has now been optimized.

Setup SSL Certificate

We still have one last thing to do before we can say we are really done, we need to set up our SSL Certificate and enforce HTTPS.

Navigate to your newly configured website’s dashboard on the CloudFlare interface. You should see a list of controls at the top. We want to select Crypto

Cloud Flare Nav Bar

Complete the following steps:

  • SSL Mode
  • Create Certificate
  • Enforce HTTPS

SSL Mode

At the top of the crypto page you will see a an option to change the type of SSL mode we are using on our website.

You want to use Full

This means that you want all of your traffic to be served over HTTPS

Create Certificate

Scrolling down the page you will see a section called Origin Certificates with a button labeled “Create Certificate”. This is not to be confused with “Edge Certificates”. See the screenshot below:

Cloud Flare Create Certificate

After selecting Create Certificate you will be asked some general questions about your certificate. For the most part you can leave everything filled in

Click the next button and your certificate will be generated. You should see the following information:

  • Certificate
  • Private Key

This is where things get tricky for DNN, you need to copy the contents of your Private Key and install it onto your IIS Instance. This configuration varies with just about every hosting provider so it may be best to contact support and let them know what you are trying to do. They should be able to help you.

Remember, the private key is generated only once so if you lose it, you will have to regenerate your certificate.

Certificate Status

In my experience it takes about 1-60 minutes for the certificate to start working correctly. CloudFlare documentation states it may take up to 24 hours. It typically happens in about 15 minutes for me.

Enforce HTTPS

As you scroll through the different Crypto Settings in CloudFlare you will notice the following settings:

  • Always use HTTPS
  • Automatic HTTPS Rewrites

I recommend turning both of these on. They will force every connection to your site to be through a HTTPS connection and if something is served from your site for some reason as HTTP it will re-write it to use HTTPS.

The HTTPS Rewrite feature doesn’t always work, but it is a good idea as a safe guard

That’s Really It!

After completing everything documented here you should have a DNN instance running with SSL and using CloudFlare. You should start to notice secure traffic and much faster load times.

Comments

Will Strohl
Great blog, Andrew! One really annoying con that I've run into is that FTP is sometimes difficult to set up when CloudFlare is involved.
Will Strohl Friday, April 13, 2018 5:58 PM (link)
Andrew Hoefling
It would be really cool to put together a list of pros and cons specific to DNN for CloudFlare. I remember reading somewhere that the ip addresses don't show up correctly in the logs
Andrew Hoefling Friday, April 13, 2018 6:24 PM (link)
Horacio Judeikin
specific to DNN for CloudFlare => Don't enable DNN's "SSL Settings". The site will not work (endless redirects)
Horacio Judeikin Friday, April 13, 2018 7:59 PM (link)
Mike Smeltzer
Great article. Security expert Troy Hunt has a good article that describes some of the decisions you need to make when using a service like CloudFlare and also the benefits on it. You can find his post at https://www.troyhunt.com/cloudflare-ssl-and-unhealthy-security-absolutism/.
Mike Smeltzer Tuesday, April 24, 2018 11:13 PM (link)

Comment Form

Only registered users may post comments.

NewsArchives


Aderson Oliveira (22)
Alec Whittington (11)
Alessandra Daniels (3)
Alex Shirley (10)
Andrew Hoefling (3)
Andrew Nurse (30)
Andy Tryba (1)
Anthony Glenwright (5)
Antonio Chagoury (28)
Ash Prasad (37)
Ben Schmidt (1)
Benjamin Hermann (25)
Benoit Sarton (9)
Beth Firebaugh (12)
Bill Walker (36)
Bob Kruger (5)
Bogdan Litescu (1)
Brian Dukes (2)
Brice Snow (1)
Bruce Chapman (20)
Bryan Andrews (1)
cathal connolly (55)
Charles Nurse (163)
Chris Hammond (213)
Chris Paterra (55)
Clint Patterson (108)
Cuong Dang (21)
Daniel Bartholomew (2)
Daniel Mettler (181)
Daniel Valadas (48)
Dave Buckner (2)
David Poindexter (12)
David Rodriguez (3)
Dennis Shiao (1)
Doug Howell (11)
Erik van Ballegoij (30)
Ernst Peter Tamminga (80)
Francisco Perez Andres (17)
Geoff Barlow (12)
George Alatrash (12)
Gifford Watkins (3)
Gilles Le Pigocher (3)
Ian Robinson (7)
Israel Martinez (17)
Jan Blomquist (2)
Jan Jonas (3)
Jaspreet Bhatia (1)
Jenni Merrifield (6)
Joe Brinkman (274)
John Mitchell (1)
Jon Henning (14)
Jonathan Sheely (4)
Jordan Coopersmith (1)
Joseph Craig (2)
Kan Ma (1)
Keivan Beigi (3)
Kelly Ford (4)
Ken Grierson (10)
Kevin Schreiner (6)
Leigh Pointer (31)
Lorraine Young (60)
Malik Khan (1)
Matt Rutledge (2)
Matthias Schlomann (16)
Mauricio Márquez (5)
Michael Doxsey (7)
Michael Tobisch (3)
Michael Washington (202)
Miguel Gatmaytan (3)
Mike Horton (19)
Mitchel Sellers (40)
Nathan Rover (3)
Navin V Nagiah (14)
Néstor Sánchez (31)
Nik Kalyani (14)
Oliver Hine (1)
Patricio F. Salinas (1)
Patrick Ryan (1)
Peter Donker (54)
Philip Beadle (135)
Philipp Becker (4)
Richard Dumas (22)
Robert J Collins (5)
Roger Selwyn (8)
Ruben Lopez (1)
Ryan Martinez (1)
Sacha Trauwaen (1)
Salar Golestanian (4)
Sanjay Mehrotra (9)
Scott McCulloch (1)
Scott Schlesier (11)
Scott Wilkinson (3)
Scott Willhite (97)
Sebastian Leupold (80)
Shaun Walker (237)
Shawn Mehaffie (17)
Stefan Cullmann (12)
Stefan Kamphuis (12)
Steve Fabian (31)
Steven Fisher (1)
Tony Henrich (3)
Torsten Weggen (3)
Tycho de Waard (4)
Vicenç Masanas (27)
Vincent Nguyen (3)
Vitaly Kozadayev (6)
Will Morgenweck (40)
Will Strohl (180)
William Severance (5)
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out