How to Install a Free SSL Certificate for Your WordPress Website

by Saphia Lanier in security on March 27, 2019

How likely are you to shop on a site that’s labeled “insecure”?

If you’re like most, then not at all.

Today’s consumers are savvy, and they want to buy from brands that are morally intact. This includes doing everything within their power to safeguard their customers’ data.

Now, what if we told you that if your website doesn’t have an SSL certificate that Google shows it as “not secure”? This should sound off warning bells.

But not to worry — there’s a simple (and free) way to update the security of your site using an SSL certificate.

Ready to learn how? Then continue reading.

First, What is SSL?

SSL, or Secure Sockets Layer, is an internet protocol used to secure data transferred between the website and a user’s browser.

Let’s say you allow customers to sign up for an account to store all of their contact details. This saves them the time of having to insert their name, address, phone number, and payment details each time they check out.

But without an SSL certificate, the user’s financial details, personal data, and login credentials are all vulnerable to being hacked.

By installing an SSL certificate, you can upgrade to an HTTPS URL, which will tell visitors that your site is now secure. They’ll also see a padlock next to your browser address.

This helps to build trust with your visitors and protects your business from dealing with hacks you could’ve otherwise avoided.

I Have a WordPress Site — Do I Need One?

Having an SSL certificate for your website is the internet standard today. So if you’re looking to improve your ranking in Google and other search engines, then this is a must (even if you’re not accepting purchases via your site).

But even if you only collect basic information from your visitors, such as their login details, name, and email, it’s good to have an SSL certificate.

Don’t try to operate an e-commerce store or membership site without one! You don’t want to put your business, credibility, or your customers at risk.

In many cases, you’re required by online payment services to have an HTTPS site before you can set up your account.

Any user who’s on the Google Chrome browser will see “Not Secure” right next to your URL. In other words, a great way to deter users from entering your site.

How Do SSL Certificates Work?

The idea of securing your website with an SSL certificate may sound complicated. But it’s not as complex as you think.

But before we get into how you use them, let’s take a quick look at how they work.

When you install an SSL certificate on your website, it creates a filter that encrypts all of the data that goes to and from the browser and your website.

You don’t see any of this happening because it goes on behind the scenes.

Any time you submit information through the site, the browser uses the site’s public key to secure your data using encryption. The site then receives the data, decrypts it using the public key, as well as a secret private key.

Also, if you attempt to visit a website, the browser allows immediate access if there’s an SSL certificate.

However, you likely came across sites that lead to a security warning page that you have to manually override to continue.

On the other hand, if the site is secure, then you enter without delay.

Is an SSL Certificate Really Free?

Where you get your SSL certificate will determine whether or not you have to pay. However, many places will charge you anywhere from $50 to $200 annually.

Most people purchase an SSL certificate from their domain registrars, such as GoDaddy.

But rather than going for a paid service, you can always opt to go the free route.

This makes it possible for any site owner (with any budget) to secure their website. If you’re just starting out and don’t have $75 to pay for an SSL certificate, then you can use a non-profit like Let’s Encrypt.

It’s growing in popularity, getting backing from major corporations, such as Google, WordPress.com, and Shopify.

However, this means you have to install the SSL certificate on your own, which can be a bit difficult for some.

Next, let’s take a look at how you can install an SSL certificate to your website.

Step 1: Go to Your Website cPanel

Before you can start, you’ll have to log into your web hosting control panel. Once you’re in, you’ll have to enable the free SSL certificate feature.

Go to the WordPress Tools section and click on the Security area. You should see the Free SSL Certificate switched to off. Just click it to enable it.

If you’re unsure of how to get here, contact your hosting company to get assistance.

Step 2: Changing Your URLs to HTTPS

After enabling the Free SSL Certificate, your site is already using HTTPS protocol. But you’re not done yet.

Now, you have to switch all URLs from HTTP to HTTPS. You’ll have to do this from the back-end to notify browsers that your site is now secure.

If your WordPress site is brand new, then you’ll have to go to your Settings page. You can get here by logging into the admin panel and clicking Settings>General.

From here, you will be able to type in HTTPS in front of the URL in the “WordPress Address (URL)” and “Site Address (URL)” text boxes.

Make sure to save your new settings by hitting the Save Changes button.

The steps are a little different if you’re working with an existing WordPress website.

This is because Google and other search engines have already indexed your site. There’s a plugin you can use to do the update safely (without wreaking havoc on your existing pages).

The name of the plugin is Really Simple SSL. It’s user-friendly and quick to apply. All you have to do is install and activate the plugin and it’ll do the rest.

It’ll detect which of your URLs need updating and it’ll change them to HTTPS.

So where do you find this handy tool?

Well, you can log into the admin panel of your WordPress website. And then click on Plugins>Add New.

All you have to do now is type in “Really Simple SSL” into the search box of the Add Plugins screen. Once you find it, click Install Now. After it’s done installing, you have to click activate.

After it’s done, you’ll get a message saying it’s been activated.

Step 3: Updating Your Google Analytics

If you’re tracking your website’s traffic and other data using Google Analytics, then you’ll have to update this as well.

Otherwise, it’s going to stop receiving data from your site, since it’s tracking your old URLs.

Just log into your Google Analytics account and head over to the Admin>Property Settings area.

Find the Basic Settings section and go down to Default URL. This is where you’ll change it from http:// to https://.

Don’t forget to hit the Save button and you’re all set!

Encrypting Your WordPress Website

See? Installing your own SSL certificate is simple and free. Now, all you have to do is apply what you’ve just learned.

You can’t afford to continue operating a WordPress site that’s not secure — even if you’re not selling anything (or collecting critical information).

If you have a web form on your site you use to collect first names and emails, then you need an SSL certificate.

Also, keep in mind that HTTPS sites hold a higher authority in search engine rankings.

If you decide to go without the added security, then you only place yourself and your visitors at risk.

Data breaches are on the rise so you have to do what you can to stay out of legal trouble. If your data is stolen by hackers, then you could end up fined for not doing something as simple as encrypting your site.

Ready to get started? Then head over to your cPanel and follow the steps above!

And if you need additional plugins, check out Premio today!