Securing your WordPress site with SSL (HTTPS)

by Robin Belly Digital Marketing Agency | SEO

Website visitors wish to feel safe, the safer they feel, the longer they stay your site and therefore the more likely they're to return to you for your products or services. Fairly recently, the varied browsers (Chrome, Firefox, Edge, etc) have begun to flag sites that don’t have SSL certificates as ‘Not Secure’, placing a warning within the address bar. This is often inevitably getting to worry a number of your visitors, but is fairly simple to map out.

So, what are an SSL certificate and the way can we apply one to a WordPress site?

SSL provides secure, encrypted connections between networked computers; between the online server and therefore the user’s browser software. This is often particularly important on eCommerce sites, where personal data linked with financial information is being transmitted. to use SSL encryption, you would like an SSL certificate, these are available from variety of certificate authorities and are available in various ‘strengths’ – the safer there , the costlier they become.

If you’re running an eCommerce site, most payment companies like PayPal, Stripe, Authorize.net, etc would require you to possess a secure connection before accepting payments.

For most WordPress sites a free SSL certificate is quite enough, the browser software will show the secure padlock within the address bar and your visitors will feel safe. But if you’re getting to handle MasterCard payments yourself, you’ll get to ask your server administrator and one among the certificate authorities – here may be a good place to read more.

Applying a free SSL Certificate to a WordPress site

If all you’re trying to find may be a padlock within the browser address bar and an https:// address, then you only need a basic certificate. These are often applied during a number of the way …

Your host – the simplest WordPress hosting companies offer free SSL certificates for all their users. Login to your hosting account cPanel dashboard, find the ‘Security’ section and see if you've got the choice to use a free certificate. Switch it on if so then read subsequent section below regarding updating WordPress.

Route traffic via Cloudflare – Cloudflare provides variety of services for businesses, non-profits, bloggers, and anyone with an online presence. Their hottest service allows you to route all you traffic via their network, which not only helps to hurry sites up, but also helps to prevent hacking and denial of service attempts. Alongside these, there's a really useful and free SSL encryption service, which you'll turn on and off very simply. to line it all up you’ll first got to route your traffic via their servers – Visit their site, have a read and found out an account, it’s all free. If you would like some help, please give us a shout.

Apply a LetsEncrypt certificate on your server – Tricky … unless you're proud of Linux command-lines and know what you’re doing, you’re getting to need help. You’ll also need shell access to your server, which most hosts don’t allow. And you’ll get to reapply the certificate on a daily basis. We’d suggest you seek help from your host on this, or give us a shout.

Updating WordPress to serve https instead of http

Once you’ve applied your SSL certificate, you'll well need to WordPress Support, otherwise it’ll just keep it up serving the pages ‘insecurely’. First, test to ascertain whether you would like to form any changes by opening the location in your browser. If the padlock appears that’s an honest initiative. Now try manually entering the location address with http:// at the front. Hopefully, it’ll automatically redirect and you’ll be served the pages with the padlock showing. Job done. If not, read on …

By far the only thanks to force an SSL certificate WordPress site to serve its pages via https is to use a plug-in. There are varieties of plug-in which will do that. One among the foremost popular is basically Simple SSL, it takes away all the effort, click that link, install and follow the instructions. Once you’ve done that, check the location is showing a padlock and redirecting to https once you enter the address with an http at the front.

Hopefully your site is now reporting as secure. There are a couple of cases where some things will still need tweaking – for instance , if you set your site up and had it running before you applied the SSL certificate and changes, your theme and possibly plugins, may have http links in their settings; your logo and/or favicon for instance. Undergo all of your settings, changing any http references to https, save and reload the location. If you’re still having problems, give us a call, it’s often an easy fix and we’re great at spotting such things.

Is SSL good for SEO?

Whilst the most point of getting an SSL certificate is to supply encrypted traffic, consistent with most SEO experts, secured sites seem to rank higher. This does make sense; people will naturally visit a secure site over a non-secure one and can stay longer, Google will ‘see’ this via its analytics engine and can therefore rank the location more highly.