WordPress is a gem. It has dominated the internet in the past decade. Until now, almost 25% of the site are powered by WordPress, and the number is growing by 1% every year. This way, it will rule half of the internet website in the next 25 years.
WordPress CMS is easy to use, install and maintain. The ecosystem of WordPress also makes it a great platform to use. You can add new functionalities of WordPress using plugins or change the design by swapping a theme. All the factors add to the popularity of the platform.
What is SSL?
SSL (Secure Socket Layer) is a web standard for encrypting the communication between the users the website. The encryption is put into place so that hackers cannot intercept the communication, enabling safe browsing for both the user and the website. The security can safeguard vital information, improving user experience and the credibility of the site using SSL.
SSL is not new. The first certificates were issued in 1996. Since then, it has improved a lot, including a change in name. It is now known as “TLS.” The term, “SSL” still stands strong in the community.
Adding an SSL certificate to your website is a giant leap for securing your site. The current security trends suggest that having an SSL certificate not only improves your site security but also make your site valuable in the eyes of Google.
About Let’s Encrypt
Last year, many users wanted to know how to install free SSL to the website. At that time, it was not possible to install one because of no free SSL. But, that’s being changed now.
Let’s Encrypt is an open source initiative from the giant companies such as Automattic, Chrome, Facebook, Sucuri, Mozilla and Cisco to make the internet a better place. They provide free SSL certificate, an open source certificate authority, providing free SSL for anyone out there.
Why Should You Use SSL?
SSL is used for the primary purpose of hiding your vital information from hackers. Let’s take an example. An e-commerce website contains important information about the visitor. Aside from that, the visitor needs to enter payment information during a checkout. If the site is not SSL protected, the information sent by the visitor to the website server can easily be hacked by a hacker who intercepts the communication. Stealing of information can be a tricky proposition for the user as well as the website.
Moreover, the hacker can change the transmitted information, enabling manipulation and eventually the ability to hack into the web server listening to the request.
SSL certificate makes the website more secure. Until now, it was tough to get an SSL certificate for free. But, now with the initiate of Let’s Encrypt, you can install the free SSL certificate.
Installing the Free SSL certificate from Let’s Encrypt
Let’s get to business. Installing the free SSL certificate from Let’s Encrypt can be a tough task, considering that not many users understand technology in-depth. That’s why many web hosting companies have automated the process of adding the free SSL certificate from Let’s Encrypt.
To make sure that we handle both the scenarios, let’s go through the SSL setup with primary web hosting providers on the web.
Adding SSL in SiteGround
SiteGround is a well-known web hosting provider for WordPress. To the amazement of their customers, they have added a nifty Let’s Encrypt SSL addition option.
All you need to do is login into your cPanel. Once inside, you need to move to the security section and then click on the Let’s Encrypt Icon.
After clicking the icon, you will see a page showing the status of Let’s Encrypt. All you need to do is select a domain name and add a valid email address for communication purposes.
Once installed, it will show a success message. And, that’s it. The free SSL from Let’s Encrypt is installed.
But, there is one small step that you need to do before everything work as intended.
Adding SSL in DreamHost
Similar to SiteGround, DreamHost has also started supporting Free SSL certificates. To install the free SSL certificate, you need to go the DreamHost hosting panel and then go to “Domain section“. Once there, you need to click on “Add Secure Hosting” to make it work.
Select the domain you want to install SSL certificate on and then click on “Add Now” to complete the process. You can also choose to add a unique IP address. The change will ensure that the site is rendered correctly on all the web browsers out there, especially the older one like the Internet Explorer.
Doing The Manual Install
Even though we love free SSL, but if you web host doesn’t have automation for adding the SSL, adding SSL can be tough.
WPMUDev has a very detailed tutorial on how to install the free SSL from Let’s Encrypt manually. It includes checking server capabilities, using Let’s Encrypt beta solution, which might not be your thing.
The guide consists of running scripts over the shell and requires a good understanding of things work. So, if you are not sure what you are doing, it is better to wait until the web host implements the automated way of adding the SSL or hire a tech person to do it for you.
Also, there are chances that your web host works differently than others. So, it is always a good idea to contact the web host on how to proceed with the installation. You can also check the guide section of the web host for any installation guides available.
Updating WordPress After the SSL Installation
SSL certificate changes the URL of the website. Let’s take an example to understand the situation better.
For sites without SSL installed, the URL will look like similar to: http://www.xyz.com
Once, the SSL certificate is installed; the URL will be modified to the following: https://www.xyz.com
Both the URLs are different and hence needed to be handled carefully.
Configuring a Brand New Website
If you have a brand new website, chances have Google has not crawled it yet, or the crawled pages will not impact you. Then, you can quickly make the changes using the Settings options in WordPress.
First, you need to go to the Settings and then update both the WordPress Address(URL) and Site Address(URL) to new HTTPS URL.
If you have an old website and tons of pages already crawled. It is a good idea to use the Really Simple SSL. All you need to do is install the plugin and let it handle the changes. It sets up any redirection required and also fixes any insecure content issues.
Don’t Forget to Update Google Analytics
Google is uncanny in its understanding of the internet. They take HTTP and https website different from each other. To make sure that your website is tracked correctly, you need to add new website using the https URL.
Also, it is necessary to change the default URL of the site to the https version.
More in WordPress Security:
Over To You
SSL not only improves the site security, but it also adds a trust mark to the website. Users find it easy to trust the website, increasing sales conversion and improving the profit of the website.
In short, it is always a good idea to install SSL on your website. Many web hosting companies are slowly implementing the free SSL certificate from Let’s Encrypt. It is an ongoing process, and your host might be on the verge of supporting the free SSL certificate. If you don’t want to wait, manual installation is the way to go.
Did you like the guide? If so, don’t forget to share and comment. We would also love to hear more about your opinion on Internet security and why it is important for your website.