Do you want to add SSL and HTTPS in WordPress? So users don’t worry if you have no idea what SSL or HTTPS is. In this article, we will show you how to use SSL and HTTPS in WordPress. In order to secure our information, we need a secure connection to be created. For making secure data transfer we use HTTPS and SSL security methods.
Secure Sockets Layer, is a standard technology for establishing security by created an encrypted link between a web browser and a server. This link checks that all the data passed between a web browser and web server remains private to protect that data from being hacked. In other words, SSL is a standard that defines how connections are encrypted with the help of HTTPS.
It is also known as secure HTTP, is an URL scheme which has identical syntax to HTTPS. Mainly, HTTPS signals the web browser to create an added encryption layer of SSL to protect the traffic over the internet to protect the user’s data from others.
There are many of the sites over the internet that are issued a unique SSL certificate for identification purposes. If a server does not allow the access on HTTPS, and it’s certificate doesn’t match, then most of the browsers will warn the users from going to that site.
Working of SSL
First, you need to understand how SSL certificates work.
Mainly, an SSL certificate contains your domain name, company name, address, city, state and country. It has also the information about the expiration date of the certificate and details for the certification authority which is responsible for the issuance of the certificate.
Whenever a browser connects to a secure site it restores the SSL certificate of that site and tests the expiration of that certificate, browser trusts and that it is being used by the website for which it has been issued. If it fails on any one of these checks the browser will display a warning to the end-user.
Why use HTTPS?
HTTPS is very important for being used over an unencrypted network such as Wi-Fi. As per Google, you should always protect all of your websites with HTTPS, even if they don’t handle sensitive communications.
When you open your website content securely via HTTPS connection, then there is a guarantee that nobody will interfere how they are received by users. If you’re so sensitive about doing online business and make payments you need SSL connection. It’s the best way to protect your data to be stolen by hackers.
There are many of the customers that refuse to do anything or doing a business with a website that doesn’t have an SSL certificate. By displaying users a message about the connection is not secure tells them that the further content is not secure, they can leave form that error page or they can also visit that harmful site.
Moving WordPress from HTTP to HTTPS
We will recommend you to make a backup of your WordPress website before proceeding.
After installation the WordPress for your blog, next step is to set up the SSL. To make a website HTTPS, firstly you have to get an SSL certificate for that domain and install it on the server and then change the website permalinks from HTTP to HTTPS.
There are lots of WordPress sites are available on shared hosting servers with the help of cPanel which is provided by the control panel to enable the SSL certificate and disable the misuse of the user’s information.
If you wish to follow with this tutorial, first of all, you have to check whether your shared hosting has SSL/TLS activated or not. If not, then activate it. To check if this activated or not, login to cPanel and see if SSL/TLS manager is shown under the security widgets
Get an SSL Certificate
There are many kinds of SSL certificates. They are mainly categorized into three groups: Organization Validation, Domain Validation and Extended Validation.
- Organization-validated SSL certificates is a type of validation certificate which is present for business and organisational methods. This enables a higher level of security and lets customers know that they can now trust on the web server for their personal information.
- Domain-level validation- It is the basic type of SSL and is generally the least expensive. These type of certificates provide basic encryption and are also issued very quickly and simply check the domain ownership.
- Extended validation– It is the most extended validation certificate which certifying the authority of website & business to provide EV SSL certificate. This type of SSL certificate provides the higher trust to the users because it also displays your business name in the browser. It remains usually high in the price because of its extraordinary feature but you can get cheap price for EV SSL from resellers.
How to Activate an SSL Certificate?
The first step in activation of SSL certificate is finding the CSR code from your hosting company. Below are the steps to obtain the CSR code from an SSL activated the shared-hosting account.
- Firstly, login to your cPanel account and then navigate to the SSL/TLS Manager.
- Now, click on the link below which contains the Certificate Signing Requests (CSR)
- Fill the form for the needed domain name and creating the SSL on and click the Generate button.
- Here the generated domain by you will be shown to you.
- Next is head over to your SSL provider to get started with SSL activation. Enter the CSR code generated above in the provided CSR text area field, select the web-server that your host is running on and click the Next button.
- You will be notified to fill your CSR information and to choose an approval email.
- In the user information area provide your personal contact details and click on the order button after filling the form. An approval email will be sent to your mail. Now follow the instructions to validate your domain.
After the successful completion of the validation, your SSL certificate will be issued and sent to your email.
How to Install the SSL certificate?
- Inside the cPanel SSL/TLS Manager, click on the link beneath Certificates (CRT)
- Upload the SSL certificate (with .crt file extension) or you can also past the certificate in the text area provided.
- Now activate the SSL for your WordPress site. You can also manage this SSL by clicking the link below.
- At last \select the required domain name from the drop-down menu and click on the Autofill by domain and finally click the Install Certificate button.
Configure WordPress for SSL/HTTPS
You have to check that the SSL certificate is successfully installed. To check this on WordPress you just check whether URLs is HTTPS or HTTP like https://example.com or http://example.com
To do this follow the below steps:
- First login to your WordPress dashboard and then go to Settings > General.
- Check that the WordPress Address (URL) and Site Address (URL) are https. If It’s not then you just need to add s after HTTP to make it https and save it.
Now that we’ve successfully moved WordPress to HTTPS.
Still unable to add SSL and HTTPS in your websites. You can talk to our WordPress Customer Support Team. Dial +1-855-945-3219 (Toll-Free).