Webassist Logo
Get a Quote
Webassist Logo
Get a Quote

How To Add SSL To Your WordPress Website

Add Ssl To Wordpress Websites

How To Add SSL To Your WordPress Website

Last Updated on: March 30th 2015
Posted on: 30th March 2015 | Category: No Comments

This is a continuation of our website security series. Today we learn how to add SSL to your WordPress website.

Why Add SSL To WordPress?

Security is the foremost reason, an SSL certficate encrypts data between your website and the website visitors browser. This means that even if the data is intercepted, it cannot be read because it's encrypted.

An SSL certificate also authenticates your website confirming to your web browser that the website is actually who it claims to be.

SSL Certficates are crucial to ecommerce websites, banks and any website where securing data is important. Even a regular website with users passwords and personal data needs to be protected. Imagine your website being compromised and your users personal data and passwords being stolen? Stolen data is often used for fraud and identify theft. This kind of breach can be devastating to both to your website's reputation and to the people whose data was hijacked.

Requirements for SSL On A WordPress Website

Adding SSL to WordPress is easy, you need to purchase an SSL certificate and usually you'll need a dedicated IP number. Both can be supplied to you by your web hosting company. Once you have an SSL certficate you can ask your web hosting provider to install it for you. They should be more than happy to do that for you.

On our shared hosting we install all SSL certifcates for our clients.

How To Setup SSL On WordPress

Add SSL To Your Entire Site

Some people prefer to use SSL on only selected pages or areas e.g. the login page or the checkout page etc. We recommend you add SSL to your entire site as there is a small SEO benefit according to an announcement by Google. The choice of course is entire yours.

If you want to add SSL to your entire website then we'll start as follows:

1) Update your URL in WordPress to to use HTTPS in the WordPress admin. Go to Settings » General Settings, then update your site address URL and WordPress URL fields to HTTPS.

Add SSL to WordPress - Step 1


2) Force SSL on WordPress by redirecting all traffic to use HTTPS. This is done by adding a line of code to your .htaccess file.

You want to make sure that you force SSL on WordPress. This means that when someone visits your website from e.g. www.yourwebsite.com (a non-encrypted link) they are forced to view the encrypted page which in this case would be https://www.yourwebsite.com.

For more in-depth info on how to force SSL on WordPress read this Help Centre article but the code below is what you'll need to add:

Please note: If you already have existing code in your .htaccess file then add this code above the code with a similar starting prefix.

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourname.com/$1 [R,L]

Please make sure to replace www.yourname.com with your domain name.

Add this line of code will also avoid your SSL breaking and causing errors. What essentially happens is some items like images or other content are not called securely (via HTTPS) but insecurely (via HTTP) and this will cause browsers to give various errors.

Testing Your SSL

Once you've done all the above, it's time to test your website to make sure the SSL is working correctly. You can visit your site in your browser to start with and some of the results in Chrome will give you browser icons as follows:

Add SSL to WordPress - Step 2

For more in-depth information on Chrome's browser icons and their meanings visit this page.

We also recommend using a tool like https://whynopadlock.com to test your site for errors.

Why No Padlock will test your page and make sure all items are called securely. If not it will highlight each item that's called insecurely and you can fix each one.

There are also WordPress plugins that can help when changing from HTTP to HTTPS. One such plugin is WordPress HTTPS. WordPress HTTPS can be really helpful with you have a big site with lots of content that needs to be fixed because it's being called insecurely.

Try Our World Beating WordPress Hosting

Browse WordPress Hosting

By Athlone Harris-Compton

I enjoy building websites while having a good coffee. Get in touch and let's chat about how I can help you.

Leave a Reply

Your email address will not be published. Required fields are marked *

crossmenuchevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram