Do you want to improve your search engine ranking and offer your readers and customers better security? You can do that by installing a free SSL certificate on your WordPress website using Let’s Encrypt.
I’m sure you’ve heard of SSL certificates and HTTPS. Let’s talk about SSL, the difference between HTTP and HTTPS, and how to install a free SSL certificate on your blog.
What is an SSL certificate?
SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between your website’s server and your user’s browser. It ensures that all data that passes between servers and browsers remains private and integral.
If you don’t have an SSL certificate installed, and the data passes through a regular HTTP connection, other people might have access to the data you transfer. HTTPS (Hyper Text Transfer Protocol Secure) connections will help protect your private information from hackers.
Why do you need it?
As I said, an SSL certificate will protect private information from third-party users that might want to see or even steal it.
If you are running an e-commerce website and you collect payment info, then you absolutely need an SSL certificate. You will need it even if you use PayPal or Stripe because they will require you to have a secure connection.
Recently, Google announced that SSL was going to be a ranking factor. That means that having an SSL certificate on your blog will help your posts appear higher in search results.
This year, browsers began displaying a green padlock in the address bar, so it will be easier for people to see if the site they are using is secure.
This is how a secure connection looks on Chrome:
And a connection that is not secure:
Chrome will soon start displaying the Not Secure message in the address bar.Secure your WordPress blog and improve your SEO by installing a free SSL certificate Click To Tweet
How to install a free SSL certificate using Let’s Encrypt
Let’s Encrypt is a free, automated, and open certificate authority run by the Internet Security Research Group. Their aim is to simplify SSL implementation in order to create a more secure Web.
Let’s Encrypt is perfect for bloggers and small business owners, but if you have an e-commerce website or use WordPress multisite you might still need a wildcard SSL certificate. The good news is that wildcard certificates will be available from Let’s Encrypt starting in January 2018.
Before you get started, backup your site and make sure that WordPress, your themes, and plugins are up to date. You should also scan your site for broken links using a plugin like Broken Link Checker.
How to install Let’s Encrypt from your cPanel
Some hosts will let you install a free SSL certificate right from your cPanel. Find out if your host supports Let’s Encrypt from the official website.
If you’re on SiteGround, like I am, you can install Let’s Encrypt in less than a minute.
Go to your cPanel and click on Let’s Encrypt from the Security tab.
This will show you a list of the certificates installed on your account.
If you don’t have any certificates installed on your site, you can add Let’s Encrypt free SSL from the following menu:
Enter your domain name and email address and press Install. Let’s Encrypt will be installed in a few minutes.
To turn on the SSL certificate, switch the HTTPS Enforce button to ON.
How to configure your SSL certificate on WordPress
Now that you have installed the free SSL certificate, you will have to configure WordPress to point your site to the HTTPS version.
Go to your Dashboard > Settings > General and change both WordPress Address and Site Address from http to https.
If you have an older blog with many posts and images, you should use a plugin to update the URLs from http to https. I highly recommend the Really Simple SSL plugin. Just install it and activate it and it will automatically update your URLs.
Testing and troubleshooting
If your free SSL certificate is not working or you get an Insecure Connection message, go to Why No Padlock and enter your blog’s URL. This website will tell you exactly what is wrong with your site.
Make sure you also test your Pinterest and social media links by accessing older posts. The posts that have http at the beginning of the URL should now redirect to https.
Some of the most common SSL errors are broken links and images. Use the Broken Link Checker to find and replace broken links.
Update Google Analytics and Search Console
Add your new https URLs to Google Search Console and update Google Analytics so that your default URL starts with https.
Just log in to your Google Analytics account, navigate to Admin > Property Settings and change the default URL from http:// to https://.
How to manually install Let’s Encrypt
If your host doesn’t support Let’s Encrypt, but allows custom SSLs, you can manually install it by following the official documentation.
Please be aware that Let’s Encrypt has to be renewed every 90 days and you will also have to do that manually. Hosts that support Let’s Encrypt will automatically renew it.
Other free SSL certificate providers
If you don’t want to use Let’s Encrypt, but still want a free SSL you can install an SSL certificate through CloudFlare. There are many other advantages to using CloudFlare and I will tell you all about it soon.
Have you heard of Let’s Encrypt before? Do you want to use it?