Usage statistics and market share of WordPress for websites by W3Techs shows that WordPress is used by 60.2% of all the websites whose content management system we know. This is 29.9% of all websites.
With the ever- increasing usability and appealing features, WordPress is no doubt one of the most used content management systems (CMS) and is recognized as the most popular publishing platform in the world.
But at the same time, this massive usability of WordPress has made it the most hacked CMS platform. Wordfence reports that WordPress sites witness up to 90,000 attacks every minute.
Taking adequate security measures, including encrypting the crucial customer data when in transit can definitely reduce the damage. And here the Secure Sockets Layer (SSL) that provides the Hyper Text Transfer Protocol Secure (HTTPS), a communication protocol, certainly helps, by protecting data as it moves from the source to the destination. Read on to know how you can install Let’s Encrypt SSL certificate on your WordPress website with cPanel or Plesk hosting control panel.
SSL certificate – a brief overview
Secure Sockets Layer (SSL) is the technology that secures an internet connection while safeguarding any sensitive data, that is being transferred between a web browser and a user’s server, website or computer.
So, when you add an SSL certificate to your WordPress website, your HTTP connection becomes encrypted i.e. it becomes HTTPS which means that the hackers cannot intercept any data that is being sent over the network. These digital certificates prevent criminals from reading and modifying any information that is being transferred, including credit card numbers, payroll information, passwords or any other personal identifiable details. They also ensure secure browsing of social media sites.
Depending on the usage, organizations can apply for different types of SSL Certificate . However, the encryption levels are same for each type of the certificate, but they differ in two things-
- Vetting and verification processes.
- The browser address bar that appears after the installation of a digital certificate.
Why your WordPress site should have an SSL certificate?
When an online business ignores website security, it is not the only one who is at risk but it puts its site visitors also at risk. So, adding free SSL certificate to your WordPress website will encrypt your web traffic and entrust your visitors with privacy. This will help you in building trust for your brand and let your visitors know how much you care for their security.
Another reason to install SSL certificate on WordPress site is search engine optimization. Browsers like Firefox and Chrome have started making their users more aware of the risks associated with unencrypted HTTP webpage.
Chrome browser of Google displays the message “Your connection to this site is not Secure” in the address bar when users interact with the webpages that display HTTP with no “s”.
Similarly, Firefox also displays the message of “Connection is Not Secure”.
But when a website is secured by an SSL certificate, HTTPS (Hyper Text Transfer Protocol Secure) appears in the URL, which provides an assurance to the users about the reliability of the website they are communicating with.
Taking security measures is generally put on the back burner by online businesses because they’re either considered too expensive or disruptive or don’t produce desired immediate gains. But, if you wish to gain more customers and earn their trust, make your website secure.
Irrespective of the kind of business you have, if your WordPress website is using managed WordPress hosting and has an SSL certificate, then it will thrive.
In the past TLS/SSL was not used as much due to the cost and performance impact of encryption, but today this question of how to get a free SSL certificate for my website is very well answered by Let’s Encrypt – a free open source SSL certificate that can be used on most of the sites.
Any good web hosting company in India or worldwide like ZNetLive offers free Let’s Encrypt with its hosting packages.
What is free SSL certificate – Let’s Encrypt?
Ease of usability and the cost of any technology is critical to its adoption. SSL certificates by Let’s Encrypt – a certificate authority, are free, automated and globally available digital certificates for everyone on the web.
As per Wikipedia, Let’s Encrypt free SSL certificate lowers the complexity of setting up and maintaining TLS encryption by eliminating complex process of manual creation, validation, signing, installation and renewal of certificates for secure websites.
Since domain-validated certificates can be fully automated, so Let’s Encrypt issues only domain validated SSL certificates.
How to install a free SSL certificate on your WordPress website – ‘Let’s Encrypt’ using cPanel?
Step 1: Log into your WHM account to install free SSL certificate.
a. Log in to your WHM account
b. Then go to ‘Manage Auto SSL’ option
c. Next, click on the ‘Manage Users’ tab, select your User and Click on ‘Enable Auto SSL’
Step 2: Update your WordPress website URL to HTTPS
Once an SSL certificate is added to your website, you need to change your site’s URL from HTTP to HTTPS. As without changing the URL, the SSL certificate will not work, and your website will not be able to enjoy any desired extra security.
To apply these settings, login to your WordPress dashboard, hover to Settings and click on ‘General’ in the menu bar. General Settings page will be displayed.
Here, change the WordPress Address (URL) and the Site Address (URL) and begin your site’s URL with ‘HTTPS’ instead of ‘HTTP’.
Click on the “Save Changes” button to save changes made by you.
Now your website has become an HTTPS website with a Let’s Encrypt SSL certificate installed on it.
See https with green padlock in the address bar, representing that free SSL certificate has been installed on your WordPress website.
Now that you have learnt to install SSL certificate on your WordPress website using cPanel, let’s learn how you can do it if you have Plesk hosting control panel.
How to install a free SSL certificate on your WordPress website – ‘Let’s Encrypt’ using Plesk Panel?
Step 1: Log in to Your Plesk Panel and Install the Free SSL Certificate
1.Log in to your Plesk panel.
2. Go to “Let’s Encrypt” Option.
3. Checkmark on “Include a “www” subdomain for the domain and each selected alias” parameter and click on the Install tab.
4. Now view the notification about the Let’s Encrypt SSL installation.
5. In order to apply this SSL, we have to assign the SSL to domain from “Hosting Settings” option.
6. Go To Certificates option and select the “Let’s Encrypt” SSL and save the changes.
7. Now SSL has been installed.
Step 2: Update Your WordPress Website URL to HTTPS
In this step, you must secure your web pages with https, instead of http.
To apply these settings, you must log into your WordPress dashboard. Go to General settings.
Now, change the WordPress Address (URL) and the Site Address (URL) here,
Click on the “ Save Changes” button to save changes.
Now you can see https with a green padlock in the address bar. It means SSL has been installed on your WordPress website.
If you have any query for SSL certificates, do share in the comments section.