Disclosure: Some links may be affiliate links. If you buy an item via links on our site, we may earn a commission. Learn more.
If you’re not already using an SSL certificate on your site, you’re making a mistake. There’s no real excuse not to install one, it offers a number of benefits and many hosting companies now offer one for free. Installing one is easy and it only takes just a few minutes. You should therefore definitely consider using one on your site.
In this article, you will understand what SSL, the major benefits of using SSL and how to install a certificate for your WordPress site.
Let’s get started…
What is SSL?
SSL stands for Secure Socket Layer and it’s used to encrypt data between a web server and a browser (Firefox, Chrome, Opera, Safari, etc). This allows data that passes between a web server and browser to remain private, and prevents tampering by third parties and therefore makes a site more secure.
When a site has a SSL certificate installed, a user will see a padlock in their browser’s navigation bar, and the URL will have https:// instead of http://. The “s” at the end of “http” means the site is secure. For example, an ecommerce site, will use a certificate to encrypt sensitive details such as a user’s credit card number.
What are the Benefits of Using SSL?
As we have seen, there are a number of security benefits of using HTTPS over plain HTTP. This is an important aspect nowadays especially with so many security breaches. You may be asking yourself though, I don’t run an ecommerce site, I only own a blog, do I still need one?
Below we will discuss why you should definitely consider using one on your site, irrelevant of the type of site you own.
1. Can Increase SEO
In 2017 Google announced that it would start favouring HTTPS sites over HTTP ones. Sites that use SSL would see a slight search ranking boost.
While the SEO benefit may only be minimal currently, well written content and high-authority backlinks are still vital factors for improved search rankings, it is still an important aspect to consider. The better your search rankings, the greater number of visitors you will get to your site, which is what you should be looking for.
No doubt in the near future, Google will probably be requesting that all sites are secure.
2. Increases Visitor Trust
You wouldn’t want to be purchasing from an ecommerce website if you knew your details were not secure, especially if your credit card details could potentially get into the wrong hands. Secure sites are therefore perceived more credible by users. They understand that you’re ensuring that their privacy and security is being protected, which they value highly.
Google Chrome is now displaying a “Not secure” security warning message in the browser navigation bar on any page that is not using HTTPS. Users who are met with a “Not secure” warning message may leave a site if they consider it unsafe, and never return, which is not what you want.
Whatever your site is, however small, install a certificate. Even if your site just has a sign-up form, user’s details are still being transmitted, so an added layer of protection is advisable.
How to Install an SSL Certificate on Your Site
All you need to do is enable it, and set it up, so that your WordPress site uses HTTPS instead of HTTP.
While you can do this manually, by modifying the .htaccess file, the easiest way to do this is by using a plugin such as Really Simply SSL.
The Really Simply SSL plugin allows you to quickly enable the certificate in just one click, so you don’t have to worry about manually changing files. It updates your URL to HTTPS and it also adds a 301 redirect, so it sends all traffic to the HTTPS version of your site.
How to Use Really Simple SSL to Install your Certificate
Step 1: In order to confirm that you do indeed have a free SSL certificate from your web host, load your WordPress dashboard using HTTPS. For example, enter your site name like so: https://yourwebsitename.com/wp-admin. If you’re able to log in successfully, and you see a green padlock in the navigation bar, proceed to the next steps. Otherwise you will need to contact your web host to confirm if they do indeed offer a free SSL certificate.
Step 2: From your WordPress dashboard, select Plugins > Add New.
Step 3: In the search field enter “Really Simple SSL”.
Step 4: Locate the plugin and click on Install Now and then Activate the plugin.
Step 5: Once you have activated the plugin, you should see the below popup. Click on the “Go ahead, activate SSL!” button.
Step 6: After clicking on the button, you will get signed out of the dashboard. Just sign into your dashboard as you would normally do.
Step 7: Once the certificate has been enabled, you should see the following message confirming it’s been activated.
Step 8: In order to test that the certificate has been installed and activated successfully, open a browser and enter the name of your site without HTTPS i.e. yourblog.com. If it has worked, it should automatically redirect to HTTPS, and you should see a padlock in the navigation bar next to your URL.
Changes/Checks to Perform After Installing Your SSL Certificate
Once you have confirmed that your SSL certificate has been installed successfully, you will need to perform the following checks/changes:
Update Google Search Analytics
Search engines consider HTTP and HTTPS as two different sites. You will therefore need to update the Google Search Console to avoid issues. In order to do this, select Admin > Property Settings. Next, for the Default URL section change the dropdown from http:// to https://
Update Google Search Console
You will also need to perform a similar change under the Google Search Console. In order to do this, log into the Google Search Console and click on the Add Property button (top left corner) and enter the HTTPS version of your site and click on Save. There will now be two entries, a HTTPS ones and a HTTP. Don’t worry about this, this is fine.
Submit a New Sitemap
Once you have updated the Google Search Console, you will need to submit a new sitemap for your HTTPS site (you can use Yoast SEO to generate a sitemap).
Update Social Media and Forum Profiles
While this is not strictly necessary, as Really Simple SSL adds a 301 redirect, you may want to consider updating your social media bio’s (Facebook, Twitter, Pinterest, Google Plus) as well as your forum profiles for consistency purposes, so that your site points to the HTTPS version.