The first thing I see on a website is if it is SSL enabled or not. SSL(Secure Sockets Layer) is a cryptographic protocol which protects and secures data being transferred through a computer network( In case of websites, from web browser to the web server). Installing SSL certificate on your website is a must now-a-days because it acts as a token of trust between you and the people visiting your website. Plus the main reason behind activating SSL is to encrypt the web traffic(data) flowing from the broswer to the web server, protecting the website from intruders intercepting the traffic. In this post, I’m going to show to how you can add free SSL certificate on your WordPress website.
The SSL certificate provider I’m using is Cloudflare. It helps to increase the page load speeds by 60% for wordpress websites. Other notable features of cloudflare encryption are Visitor trust, password protection, SEO rankings and PCI compliance. So if you want SSL certificate for your wordpress website, follow the steps below:
Step 1: Visit www.cloudflare.com and create an account.
Step 2: Login to your account and then on top right corner, click on +Add site link.
Step 3: Here, add your website domain name. For example, for me it is hollyhacker.net
Step 4: Next, choose the free plan and click on Confirm plan.
Step 5: Scroll down the page and click on Continue.
Step 6: Now it will ask to change your nameservers. A nameserver is basically a server owned by web host company to specifically manage domain names associated with their web hosting customers. Nameservers allow to use domains instead of IP addresses.
Step 7: To change the nameserver, you first have to login to your web hosting account. Mine is Godaddy. In your account, you have search for domains sections and find your registered domain and click on DNS.
Step 8: If you are on godaddy, you’ll find a section called Nameservers. Just click on change button, choose custom option from dropdown menu and replace existing nameservers with the nameservers provided by cloudflare and hit save. For other web hostings, procedure will be the same.
Step 9: Now go back to cloudflare and click on Done, check nameservers.
Step 10: It will show you a page asking to complete nameserver setup. Just click on Re-check now and you will get a message saying that yourdomain.com(for example: hollyhacker.net) is now queued up to be re-checked. After that refresh the page and you’ll get the page as below.
Step 11: Now go to wordpress dashboard and search for CloudFlare Flexible SSL plugin. Install and activate it.
Step 12: Next, on top of the page shown in step 10, go to Crypto section and find the section named Always use HTTPS. In your case it will be off by default. Toggle the button and turn it on.
Step 13: That’s it. Now you have successfully installed SSL certificate on your wordpress website. Visit your website to see the https protocol along with the padlock. It may take upto 24 hours to properly activate your SSL certificate. So be patient and enjoy your more secured website!!!
If you want to know about SSL in detail then you can check this post
P.S. A lot of people are having problems such as broken site, part of this website is not working, page not working etc. even after following these steps. I was also dealing with the same broken site issue. To fix this issue, I installed a wordpress plugin called SSL Insecure Content Fixer. Just install and activate it and then visit your site. It fixed mine and hope will fix yours.