This blog post is about How to Install SSL Certificate on WordPress Website. Secure Sockets Layer certificate tells the website visitors that this website can be trusted to visit or for a purchase. But, there may be simple question, how to identify if the SSL certificate is installed on the website or not. You got it right, check the url of the website you visit, if it says , http://example.com or https://example.com. here s(secure) makes a difference.
When a website is https i.e. ssl certificate installed, you can trust it. However, there are still websites using http protocol, and they are legitimate websites. Just that they have not migrated to SSL . So, without delay, let’s dive into the details of this blog.
Page Contents
What is SSL Certificate
Secure Sockets Layer certificate is way to secure your website from hackers or man in the middle. When you do any purchase from a website or you provide your personal data to any website for any form singup or any newsletter sign. SSL Certificate Installed on WordPress or any website in general, gives you the trust to use that website.
Where to see the SSL certificate
Why SSL Certificate on WordPress Website
If you are having a wordpress website, – and you sell any mercendise on your website. To win the trust of your visitors, as a owner of the website you have to show the proof of authenticity. This trust comes from the SSL certificate.
If you are a visitor to any website – As a website visitor , you want to see the authenticity of the website. what if, any hacker of man in the middle trying to steal your data or your hard earned money. SSL certificate installed on the website shows the website is legitimate.
Google Ranking for SSL Certificate on WordPress Website
SSL is part of Google’s search ranking algorithm. This is according to the Google Search Central.
The data sent over the https url is secured because of three reasons:
- Encryption: Data is masked before being sent to the sender. For the data in transit(in transfer mode), nobody can see and understand this data. This prevents the risk of man in the middle of conversation to steal the data.
- Data integrity: What is sent is only what is received. Data can not be manipulated in between. For example , if you sent the request to see the video posted on the website. You are sure to see the only video posted on the website, not other video.
- Authentication: With the SSL Certificate installed on wordpress website or any other website, users can be sure that they interact with the intended website only not to the hacker who may be sitting in between website visitor and website.
How to Install SSL Certificate on WordPress Website
How to Install SSL Certificate On WordPress website is fairly simple task these days. If we talk about until few years ago, SSL certificate setup was a difficult task. Let’s Encypt has made getting certificate easy. And most the web hosting providers support the Let’s Encrypt certificates.
However, these days most of the web hosting providers, gives you the option to install SSL certificate on WordPress website with the auto-installer. Once you installed the certificate, you need to force your wordpress to use the https. There is a really simple plugin to force your website to use https, Really Simple SSL plugin.
Otherwise you can go with manual way of editing your website and forcing the traffic to https instead of http.
Manually forcing traffic to https
Step1. On your wordpress Admin area, Settings >> General page. Here you need to update your WordPress Address and site address fields to point to https url of your website.
From:
To:
Step 2. If your WordPress is hosted in Apache Server(most of the wordpress installations are on Apache Server)
- Locate the .htaccess file in the root directory of the WordPress site. (You may need to enable the show hidden files option in your FTP client filezilla for example.)
- Add the following code in .htaccess file.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>3. Add the following code to wp-config.php file to add force the HTTPS url to WP Admin url.
define('FORCE_SSL_ADMIN', true); Please do not edit any other property in these two files. Settings above mentioned configurations will make your wordpress to use the https url not the http url.