Do you have SSL on your WordPress website? You should because Chrome will soon mark all unencrypted pages as ‘not secure’.
What is SSL?
SSL stands for Secure Sockets Layer which is a standard security protocol for establishing encrypted connection between a web server and a browser in an online communication.
SSL make sures that all data transmitted between the web server and browser remains encrypted.
Here is what you can do :
- Purchase a SSL certificate from the same company as of your hosting.(generally all of them have it)
- Purchase it from third party providers here is a list of top SSL providers.
- An amazing open source project to provide free SSL Let’s Encrypt here is Let’s Encrypt website(not all the hosting providers have joined Let’s Encrypt’s mission).
In this post we will share an easy method to get SSL on your WordPress website also solving one more problem in the process.And its absolutely free.
In WordPress we will use cloudflare to get free SSL. Here is how you can do it for your WordPress powered website.
Step 1: Go to cloudflare and create an account. Here is the website.
Step 2: Once you’re done creating the account it will ask you to add site.
Step 3: Then it ask you to choose plan, please choose free plan and click on confirm as shown in the fig below.
Step 4: It will show free plan purchase confirmation step please confirm see the fig. below
Step 5: Once confirmed it will show the DNS query result, in this step cloudflare is optimizing your DNS so it correctly resolves to your web servers. You don’t have to do anything just scroll down and click on the continue button at the bottom. see the fig. below.
Step 6: Now, cloudflare will show new nameservers which you will have to go to your domain panel and change placing these in place of your current nameservers, and come back to cloudflare account and click on continue, see the fig below.
Step 7:After that you will see this screen on your cloudflare if yes it’s all ok and you are on the right path.
Step 8: After you have changed the nameservers,refresh the page you will see active cloudflare sign, however wait for 24 hours (this is a must and one of the most important step)as cloudflare will take around 24 hrs to configure nameservers to all the world’s servers. Actually cloudflare is notifying all the servers of the world that your website has been configured on cloudflare, see the fig. below.
Step 9: By this time i assume that its been 24 hrs since you changed the old nameservers and updated them with the new cloudflare nameservers as discussed in step 6.
If no please do however if you have done it it’s time to configure your cloudflare in your WordPress website now.
Please log in to your selfhosted WordPress backend, go to plugins and add a new cloudflare plugin. If you need help installing a plugin here is a post to help you out.
Step 10: After adding the cloudflare plugin go to your settings options of WordPress and there you will find cloudflare option, click on that and you will reach the plugin backend.
Step 11: Once you click you will reach the backend of cloudflare plugin it will ask you to signup or sign in, as we already have account we will sign in, see the fig. below.
Step 12: After you click on sign in option you will be asked to enter email and api key.
Step 13: For email use the email you have used to signup on cloudflare and for api key switch back to cloudflare account, go to the your added website scroll down you will see api key option corresponding to it you will see view option click on that, it will ask your password for this confirmation step and once you provide you can see your api key copy it and paste it in your website backend as required at step 12 and click save credentials , see the pics below.
Step 14 : Once you’re done updating all the settings this is the final step you will reach as shown in the fir. below.
Check if the always online is On or OFF it should be turned On.
Step 15: Go to plugins and add a new plugin called Really Simple SSL.
Step 16: Once you install it and activate, it will show a message in the backend “always reload over https” turn it on.
That all its done.
Hopefully your are able to apply SSL on your website.
Please leave your suggestions and queries in the comments below.