One of the most significant things about SlickStack is that it assumes pairing with CloudFlare. This means that, although CloudFlare is a third party SaaS service and not “installed” by SlickStack directly, your website domain should be on a CloudFlare account to work properly with SlickStack.
Specifically, because SlickStack installs OpenSSL (free) as part of Ubuntu LTS, this is a self-signed SSL certificate that browsers will think is not “signed” properly. But if you have your domain behind CloudFlare, their proxy service will automatically pair with OpenSSL and then “sign” your SSL certificate on the frontend of your website, and convert it to a Comodo SSL certificate.
SlickStack installs the free CloudFlare plugin from LittleBizzy as an MU plugin, which lets you connect your WordPress site to CloudFlare using their API. The plugin supports a few different functions including purging the CloudFlare cache, enabling “dev” mode, and some upcoming features like displaying your DNS records in the WP Admin Dashboard.
Generally, we want to keep SlickStack as free from third party apps as possible. But currently, due to CloudFlare’s massive (and growing) market share, and due to the fact that no other service currently offers these type of features, we felt it was the best approach for now.
We will monitor the industry closely going forward, and may change to using Let’s Encrypt certificates at some point. But for now, OpenSSL is a lot easier and more stable to deal with, does not require any third party Linux packages to be installed, and it also never “expires” (Let’s Encrypt expires every 90 days, making it a potential nightmare to deal with).
It’s possible that CloudFlare competitors like StackPath may offer a similar solution soon, in which case we might consider that too. But at this point we expect CloudFlare to remain a part of SlickStack’s approach for several more years.