Setting Up Site Security/Accelerator Services with Pagely
Last Updated -
At Pagely, we provide a full caching, security, and CDN layer for your site to utilize. However, you might decide to use an additional gateway solution such as:
- CloudFlare
- SiteLock
- Sucuri
- Fastly
- Incapsula
While these services will typically work fine, you'll likely want to do a bit of extra configuration when setting them up. Inside this article, we'll go over some common settings that you may need to set.
SSL/Let's Encrypt with Third-Party Services
How do I use Let's Encrypt at Pagely with these services?
The rule with any service that sits in front of your Pagely site is that you have to set up SSL there first before you setup SSL at Pagely. SSLs at these services have many names, but underneath serve the same purpose.
Can I Just Use Let's Encrypt at Pagely?
The only scenario where this will work is if you stop using these services and point your site directly to Pagely. If you use one of these services with Let's Encrypt (or any certificate installed at Pagely), you must enable SSL at the 3rd-party service before doing so at Pagely.
CloudFlare
If you're using Cloudflare, you'll need to have Flexible SSL enabled within Cloudflare before activating SSL on the Pagely side of things.
Sucuri
Before using SSL within your Pagely site, you'll need to first:
- Enable Partial HTTPS in the Sucuri console.
- Enable the Forward Certificate Validation option at Sucuri and have them provision a Let's Encrypt certificate on your behalf. You may need to contact Sucuri support to have this enabled.
Cloudflare and Sucuri
If you are using both Cloudflare and Sucuri in combination, please refer to this Sucuri KB article for more information.
Once a Let's Encrypt certificate has been successfully generated and linked to your domain, you can go ahead and re-enable "Full SSL" at both Cloudflare and Sucuri.
For Sucuri, you'll need to leave the "Forward Certificate Validation" option enabled for the lifetime of the domain.
Can I Just Use the Site Security/Accelerator Service's SSL?
In most cases, their SSL is adequate and you won't need to enable SSL on the Pagely side. The important aspect of SSL is the gateway that the user is interacting with.
If you're using a 3rd-party security or accelerator service, users visiting your site will be interacting with that service. Because of this, they will be utilizing that service's SSL.
