How to Configure a Free SSL Certificate for WordPress (HTTP to HTTPS)
An SSL (Secure Sockets Layer) Certificate is responsible for securing and encrypting information between a website and a client. A website with an active SSL Certificate uses the secure version of HTTP which is HTTPS.
However, when you need to use online payment direct options on e-commerce websites such as PayPal Direct and Stripe, an SSL Certificate may be a requirement.
Why is an SSL Certificate Important?
1. Google’s product “Google Chrome” shows a notice (effective from January 2017) when a user tries to log in to a website without an SSL Certificate. The notice may cost a website a significant number of users. Below is a demonstration of the gruesome notification.
2. It is a major factor considered by Google during SEO (Search Engine Optimization) ratings. Lack of an SSL Certificate may affect a website’s ratings on the search engine. Google considers websites with SSL certificates first.
3. Having an active SSL Certificate on your website enables direct checkouts. Direct checkout is preferred among most online buyers because it’s simple and faster.
Get a Free SSL Certificate on a WordPress Website
The first step is passing your website content through a CDN (Content Delivery Network). One of the major advantages of using Cloudflare’s CDN is the free SSL that comes with the FREE plan. If you haven’t, read the step by step tutorial about “How to Setup a CDN for Your WordPress Site”
If you followed the tutorial, you should be on this page below:
The next step is to force your website content to redirect to the secure version (HTTPS). To do this, you need to login to your WordPress dashboard and add a new plugin.
Search for ‘Really Simple SSL’ plugin then install and activate it.
Finally, click on the ‘Go Ahead, Activate SSL’ button.
In case you encounter the error below, don’t panic!
Fixing the “Your connection is not private” error
Go back to your Cloudflare dashboard and click on ‘Pages Rules’ tab on the top menu.
Here we need to add rules that redirect all our website’s HTTP traffic requests to HTTPS. The rules will be in the following syntax:
Rule 1 -> https://avoiderrors.com
Rule 2-> https://www.avoiderrors.com
After adding a rule, ensure to turn on ‘Always use https’ before saving. Note: Remember to replace ‘avoiderrors’ with your domain.
The changes may take at most one hour to take effect. If you followed along, your website is now using HTTPS, and the header on the browser will have a green padlock which means your website is secure.