You’ve probably heard about some of the benefits of installing SSL on your website, but have you done it yet? Many people are reluctant to get their own SSL certificate because they think it’s a very technical process and would require a developer to set up.
SSL is an abbreviation of Secure Socket Layer. If that didn’t sound technical, browsing through different certificates for sale, where they often use even more confusing marketing terminology to describe the secure connections, could make you stop immediately. However, SSL is here to stay, and that’s because it provides much-needed safety for your website’s visitors.
Apart from creating a token of trust with your users, there are other benefits, such as Google preferring SSL-certified websites in their search results and backlinks from various SSL listing sites.
Keeping with Google, their browser, Chrome, is expected to start displaying warning messages if the website is not connected securely by 2017. While this won’t apply to all websites, if your site has a form, search field, comment area or payment info, your site risks being listed as insecure automatically.
5 Ways To install SSL Certificate on WordPress Site
You need to follow these steps To install SSL Certificate on your WordPress site.
#1. Purchase an SSL Certificate:
You can purchase an SSL certificate from a trusted SSL provider. Many providers exist, such as Let’s Encrypt, Comodo, and GoDaddy.
#2. Verify your domain ownership:
After purchasing an SSL certificate, you need to verify your domain ownership. You will receive an email with instructions on how to do this. Follow the instructions carefully to verify your domain ownership.
#3. Install SSL Certificate:
Once you have verified your domain ownership, you can install the SSL certificate on your website. You can do this by accessing your hosting control panel or using a plugin like Really Simple SSL.
#4. Configure WordPress to use SSL:
After installing the SSL certificate, you must configure your WordPress site to use SSL. You can update your WordPress site URL to use https instead of HTTP. To do this, go to the General Settings page in the WordPress dashboard and change the WordPress Address (URL) and Site Address (URL) fields to HTTPS.
#5. Test your SSL Certificate:
Finally, you should test your SSL certificate to ensure it works correctly. You can use an online SSL checker like SSL Labs or Qualys SSL Labs to test your SSL certificate and get a report on its security and configuration.
So besides the technical hurdle of having the certificate installed, there are no real reasons not to use one and plenty of reasons to get one today.
How To get one?
Looking back just a few years, things have gotten much easier about buying and installing SSL certificates without having a developer to help out. Many of the larger hosting sites have begun offering SSL packages and solutions directly to website owners, some even helping out with installation free of charge.
Not only are we seeing a trend where you can have a certificate installed with help from your hosting company, but many of these businesses are also offering free SSL certificates as a marketing ploy.
Normally, these types of certificates are free of charge and rather low quality, meaning that the speeds and level of security are also on the low end, but still, it’s better than not having one at all and provides a great way to get one’s feet wet.
How Do SSL Certificates work?
Most hosting companies use a few different services to provide free SSL certificates to their users. One such service is Lets Encrypt, a non-profit organization with the primary goal of advanced SSL usage online.
They offer these SSL certificates free of charge to anyone interested and are another great place to start if you need clarification on whether SSL is for you.
Technically SSL certificates work by identifying the website compared to the list of data maintained by the SSL provider. These providers are responsible for security in terms of having an up-to-date list of secured websites and are, in layperson’s terms, the middle man vouching for the website’s safety.
Once a user visits your website with SSL enabled, the user’s browser will ask your web server to identify itself, and the data your server sends must be the same as the SSL certificate has registered. This means that it is no longer possible for hackers to intercept your data and change the content for one.
Once The certificate is issued.
As soon as you’ve got your SSL certificate issued, you’ll need to install it on your web server. This will likely happen through the control panel of your hosting provider, where you will need to copy and paste some encrypted lines of code from the SSL certificate into the hosting panel.
Once this is done, one more step is left. It should now be possible to access your website via https://yoursite.com, and if it works, your SSL is working fully now. However, your old website is still at http://yoursite.com and will need a 301 redirect to send users from HTTP to HTTPS.
Redirecting HTTP to HTTPS can be done in several ways. One of the most popular is to add a few lines to your .htaccess file in the root of your web server’s folder. Another way is to use the hosting panel’s options and add a redirect rule, eliminating the need to use code.
If you are using a content management system, such as WordPress, Drupal or Joomla, there are already created plugins free of charge to help with this step. For WordPress, these two plugins are some of the most commonly used for this job:
- WP Force SSL
- Really Simple SSL
Once installed and redirected, you should see a small green lock icon next to your address bar when visiting your secure pages. Some of the cheapest SSL certificates are quite slow compared to the more expensive ones, so if your site needs the best performance, getting a proper SSL certificate might be worth the investment.
Mark Adam has been developing for the web since 2001, always with a penchant for open-source technologies such as PHP. Since 2010 he has been working full-time in app development.
These days employed at Nodes, a leading European app agency and Etech Spider. He also regularly contributes to WordPress and other open-source projects.