WordPress HTTPS? The Hypertext Transfer Protocol Secure HTTPS is the secured version of the commonly known HTTP, just as the S in HTTPS stands for secure. This means all your data transferred to an HTTPS are been protected with the aid of a secure connection needs to be created and that’s what this article is majorly driving at.
Recently, Google started ranking sites with HTTPS higher on the SERP pages and also Google warned all webmasters to move their blog to HTTPS before October, that was last month. Today, I will be showing you how you can get SSL certificate to secure your website’s connection and boost its rankings in Google for free or for a little price and set up HTTPS on your WordPress blog. But before we proceed, here are some questions you will like to get an answer to.
Do I Really Need SSL/HTTPS?
Yes! You really do need WordPress HTTPS irrespective of what you are running: blog or site, gone are the days it is mandatory for eCommerce sites, the Woocommerce plugin to work o but presently you need to get a Certificate if you haven’t gotten one. Honestly, there is no doubt about the fact that it does increase ranking in SERPs page of various search engines and also the trust will be there.
How long will it take for the certificate to be issued?
After correctly going through my explanation on setting it up below, the minimum time you can get the issued certificate working is 6 hours, meanwhile, that doesn’t mean it will globally available not until after 24 hours it is then the issued certificate will start working properly.
Will my Site go offline during this process?
Oh, No, you won’t have a minute downtime if you carefully follow the explanation below. However, it is mandatory you check if the certificated issued to you is working properly before taking the big step of changing the URL.
What about my Ranking on Search Engines?
This is easier than you thought, you can always go to your Search engines dashboard especially Search Console and manipulate your URL (change of address) after which your previous URL HTTP will be replaced with the HTTPS version. That easy.
Requirements to Setup WordPress HTTPS
Dr. Strange (the movie), a sentence was quoted there
They really should put the warnings before the spell.
Please, do not proceed without any of the below if you don’t have them:
- Domain Access (we’ll be modifying the Nameservers)
- Host cPanel Access
- WordPress Admin access
- CloudFlare Flexible SSL — WordPress Plugin
- CloudFlare account.
METHOD 1 – Free SSL certificate WordPress
This method of activating SSL/HTTPS for WordPress sites is very common and used by many because it is easy to set up, has a free plan, has other advance apps + security. and reliable. Now let’s start:
- Head straight to cloudflare.com, create an account with them if you don’t have one and then sign in.
- After successfully logged in, proceed to click the Add Site button and then input your domain name in the text area and the scanning will start in seconds.
- After Site much have been successfully scanned, click on Continue Setup, then verify all your current DNS settings then you can click on next where you will be asked to select a Plan, depending on your choice you can opt-in for any of the plans but regarding the tutorial, we are using the FREE plan.
- Completing step 3 above, you will be provided with some Nameservers (varies) which you need to use so that your traffic can be routed through CloudFlare. Login to your domain name area and change your Nameservers, if you’re using Godaddy or some other standard domain name registrar, this happens within minutes.
- Click on continue and wait for some moment after changing your NS, you should see the big green update.
- Now after that has been done, navigate to Crypto, find the “Origin Certificates” section and create a new certificate. Also, make sure SSL is set to flexible otherwise there might be an error.
- Login to your cPanel account, go to SSL/TLS section, click on Install and Manage SSL for your site (HTTPS) and enter the generated certificate in step 6 into the boxes there, then click save. BOOM, you’re set!
you should get something like this.
- Install the CloudFlare Flexible SSL — WordPress Plugin and activate.
- Wait for the HTTPS to start working properly for 24 hours, then go to settings and change http://yoururl.com to https://yoururl.com, include WWW if you’re using it.
- Alternatively, you can activate always use HTTPS using Page Rules and auto rewrite HTTPS (for insecure content fixer), then your WordPress HTTPS is ready. 🙂
- If you are just getting started with WordPress, you should check this article.
Buying SSL certificate from companies like Namecheap at an almost free price. You can get it for as low as $1.99 (that’s if you’re buying with a domain) or you have your domain hosted with them. Just purchase the SSL plan and you’re good to go. Following the above steps works with them too but in most cases here, you are required to either add a record to your DNS or upload an HTML file to your site’s root, the DNS method seems safer.
- Click here to go to Namecheap
- Buy an SSL plan
- Follow the prompt and guideline, chat customer care if you experience any difficulty
- You’re done getting your WordPress HTTPS.
Either of the methods you used in getting your WordPress site a certificate, remember you were previously on HTTP and your content will not be fully secured, use this plugin SSL Insecure Content Fixer — WordPress Plugins to fix all insecure content. If your blog was made using any site builder e.g Visual Composer, there might be a need to manually edit especially images area.
If you still experience Insecure content, View your source code using view-source:yoururl.com on Chrome preferably and check which aspect of the site is not secured by using the search function to find Http:// tag. After finding them, replace with https://
If you experience any error in the process, comment below. If you need assistance getting your WordPress site an SSL certificate, use the contact section or comment below with and I will reply ASAP.