Starting a blog? There seems a never ending list of things you need to understand. One of them is SSL certificates. What are they? Do you need one and can you get a free SSL certificate for your WordPress site?
So here’s the up-to-date lowdown on everything you need to know about SSL certificates and HTTPS when you start a blog...
What’s An SSL Certificate?
Take a look at the top of this post. Can you see a padlock sign in your browser? I hope so! That’s the sign this website is secure and you can safely browse my site.
SSL stands for Secure Socket Layer. It’s an protocol for protecting and encrypting information sent across the internet.
Whenever you interact with a website you’re leaving information. On some sites this could be sensitive information such as personal details, credit card or payment information.
If it’s a HTTP, (Hypertext Transfer Protocol), site there’s a risk of hackers stealing your details. With an SSL certificate installed exchanges of data are encrypted and your site becomes HTTPS, (Hypertext Transfer Protocol Secure).
Information transferred between your viewers’ browsers and your HTTPS site is securely encrypted keeping your customers’ data safe. This is verified with an SSL certificate and confirmed with the browser padlock sign.
Does My Site Need An SSL Certificate?
These days, I would say the answer is yes even if you’re not asking your customers for sensitive data.
You can start a WordPress blog, write some posts and have passive followers who just read your articles without interacting with your content.
With this type of site you could get away without an SSL certificate. BUT most people visiting your site will be warned it’s insecure. That’s enough for me to back away and close my browser!
Not having an SSL certificate is a huge turnoff to visitors. Fortunately the best hosting providers supply these certificates for free. It’s also becoming essential if you want to be ranked on Google.
These are my recommended hosting providers supplying free SSL certificates with their hosting plans:
Installing Your Free SSL Certificate With Bluehost
Bluehost are terrific for beginners and will normally install your SSL certificate automatically when they build your site.
If, for some reason, your SSL certificate hasn’t been installed you can check in your Bluehost portal.
For a new site, or a site without any traffic yet, go to My Sites > Manage Site and click on the Security Tab. Switch the Free SSL Certificate On. If you have any questions you can contact Bluehost’s 24/7 support.
Ready to start your WordPress site?
Installing Your Free SSL Certificate With HostGator
Every HostGator hosting plan comes with a free SSL certificate. All you have to do is enable it and change your WordPress settings to HTTPS.
In your HostGator cPanel make sure your free Let’s Encrypt certificate is enabled. (Watch the video if you’re not sure where to find it).
Open up your Word Press dashboard and go to Settings > General. Change the urls to HTTPS by adding an S.
If you find that all a bit techy, you can install and activate the Really Simple SSL plugin on your site. There’s a free version!
If you have any questions, contact HostGator’s 24/7 support! If you’re ready to start your site today, take advantage of my special HostGator offer…
Installing Your Free SSL Certificate With SiteGround
You will need to install your free SSL certificate yourself with SiteGround but it’s an easy process. If you get stuck just get in touch with their excellent support.
Go into your SiteGround account and open up your cPanel. Scroll down to security and click on Let’s Encrypt.
From here you can see your active certificates and you should see your free Let’s Encrypt certificate. These are the certificates on my SiteGround sites.
Once your certificate is active you can click on the drop down menu and select HTTPS.
These are the settings you need.
If in doubt, get in touch with SiteGround’s excellent support team for assistance.
Installing Your Free SSL Certificate With WPEngine
WPEngine have a in depth support article to assist you with setting up your free ssl certificate.
Better still they have amazing support. Just hop on their live chat and let the WPEngine team walk you through the set up process.
Switching To HTTPS For An Existing Site
With an existing site, you need to take a few precautions before switching to HTTPS. The main issue is to make sure all HTTP urls are redirected to the same new HTTPS version. Speak to your hosting provider.
Sometimes when you switch an existing site from HTTP to HTTPS you’ll end up with a warning about mixed content issues. Usually the cause is images and you may end up reloading quite a few. (This happened to me once). Check out this guide for moving to HTTPS.
Do I Need A Paid SSL Certificate?
Free SSL certificates and paid SSL certificates provide exactly the same level of encryption. The difference between paid and free is the level of authentication.
All a free SSL certificate is saying is you’re at this domain and it’s an encrypted site. That’s it.
To get a paid certificate you have to provide details about your company. You have to prove it’s a legitimate business. Visitors to your site need to be reassured it’s a safe place to input their credit card details.
That’s why if you’re setting up an eCommerce store and taking credit card payments directly on your site, you need a paid SSL certificate.
If you’re starting a blog or a brochure style website, that’s not taking credit card payments, a free SSL certificate is perfectly adequate.
Conclusion
You definitely need an SSL certificate for your site. If you don’t install an SSL certificate and switch your site to HTTPS, it will affect your Google rankings and be a big deterrent to your visitors.
There’s no need to pay for an SSL certificate unless you’re starting an eCommerce store and taking credit card payments directly on your site. Make use of the free SSL certificates provided by good hosting providers. Bluehost will manage your free certificate for you and keep it up-to-date.
Frequently Asked Questions
Some of the best hosting companies for WordPress provide SSL certificates for free. Bluehost will even install your SSL certificate automatically when they build your site. Unless you’re setting up an eCommerce store, a free SSL certificate is all you need. Bluehost, HostGator, SiteGround and WPEngine are all good choices if you want a free SSL certificate.
These days, if you want to rank on Google, all WordPress sites should have an SSL certificate. Otherwise visitors will be deterred from visiting your site by an insecure content warning. A free SSL certificate is perfectly adequate for most sites. Only eCommerce sites taking credit card payments need a paid certificate.
All free SSL certificates do the same thing, protect and encrypt information sent across the internet. These free certificates only last for 90 days then need to be updated. The best hosting companies such as Bluehost, HostGator, SiteGround and WPEngine will manage the updates for you so you’re never without an installed SSL certificate.
Leave a Reply