How to Add SSL & Move WordPress from HTTP to HTTPS

How to Add SSL & Move WordPress from HTTP to HTTPS

Making sure your website uses HTTPS should be a top priority for any webmaster

In fact, recent statistics show that over 42% of site administrators across the web use WordPress, and many of these sites still don’t have an SSL certificate installed.

The Importance of SSL

For the past several years, SSL has become increasingly important. Not only is SSL crucial for securely transmitting information to and from a website, but also in terms of search engine visibility. Having SSL installed can lower the chances of being penalized by website authorities, and should always be a part of a website’s security posture.

Protecting Data In Transit

SSL certificates essentially protect the integrity of the data in transit between the host (web server and/or firewall) and the client (web browser). They work as a barrier to prevent data visibility or modification. An SSL certificate doesn’t protect websites from being hacked however.

SSL works only to protect the data in transit.

If you’d like to understand more about how SSLs work, feel free to check out our short webinar: Is SSL Enough to Secure Your Website?

Website authorities such as Google have been known to penalize non-HTTPS sites for some time now. Back in 2017, Google changed its approach to handling HTTP websites. Having an SSL certificate has been an important factor for SEO and security, but now it shows that the site takes security more seriously than a non-HTTPS site generally would.

Not Secure Website Warning in Chrome

released in July 2018, it shows a “Not Secure” warning for websites that don’t have an SSL certificate.

HTTPS websites generally tend to rank better on search engines such as Google. Since 2014, SSL has been a ranking signal for SEO and has been one of the site’s characteristics that determine its position amongst search engines.

In order to install an SSL certificate on a WordPress site, you’ll first need to either purchase one through a Certificate Authority, such as GoDaddy, or use a free certificate from Let’s Encrypt.

Some hosting companies provide SSL certificates to their customers as well. We advise contacting your hosting provider before proceeding, since they may be able to provide support with the installation & management of your certificate.

If you choose to go with a free Let’s Encrypt SSL certificate however, we’ve written an extensive guide on how to add one to your website here.

If you’re using the Sucuri Website Firewall (WAF) and you don’t currently have an SSL certificate on the origin server for your site, an SSL will still be enabled on the firewall server by default. This ensures the data between visitors and pages they view are still encrypted, via the firewall server.

How to Install SSL/HTTPS in WordPress

Before Installing SSL/HTTPS in your WordPress site, you’ll need to have a valid SSL certificate uploaded to your server or CDN. You can reach out to your hosting or CDN to ask for assistance with this step.

Below are the steps for installing SSL/HTTPS to a WordPress website. You can either do it manually, or use a plugin to help. If you choose to add an SSL to WordPress manually, you’ll need to modify some files and troubleshoot certain issues.

Leave a Reply

Your email address will not be published.

WeCreativez WhatsApp Support
Our customer support team is here to answer your questions. Ask us anything!
👋 Hi, how can I help?