Nowadays SSL encryption is really important. The Shared Sockets Layer allows each connection between a website and a browser to remain private and integral. Thus the risk of having personal data stolen is highly reduced.
As you can see encryption is something that you need to consider in order to improve the user experience and security. In this post I will present to you the plugin Really Simple SSL which is the proper way to secure WordPress with SSL.
When will you need SSL for WordPress?
In most cases the answer will be – when using WordPress in order to create and maintain an e-commerce website. However I personally find this answer too limiting. That is why in my opinion a SSL encryption is needed each time user data is submitted to a website. For example a simple email contact form may allow the leaking of email addresses and other personal data if a hacker tries to mess with the insecure connection.
So I will try to answer the opposite question – when a SSL connection won’t be needed. And the answer is – for any website that does not require user data submission in any form.
And I’d like to have your attention on one very important fact – web browsers are favoring websites with SSL connection more and more. The same applies for search engines as well. For example Firefox 52 is the first release that warns users for insecure HTTP pages with login forms. And if a user is not trusting a website enough then this warning might result in leaving the website for good. So if you are aiming at creating a website with many registered users, you’d better consider securing it with a SSL certificate in order to attract new users and keep the current ones.
But SSL certificates are not cheap? What are my alternatives?
Let’s encrypt! This is an open-source solution that provides free certificates. Most reliable hosting companies are already providing this method of obtaining SSL certificate. With just a couple of clicks in your cPanel you will be able to install, remove and even renew your Let’s encrypt certificates.
If you are not sure whether your hosting company supports this method, simply ask them.
Of course there might be some situations in which a paid SSL certificate will be more suitable than Let’s encrypt. However for most WordPress websites this is the ideal way.
OK I have my certificate installed. How to enable it in WordPress?
With Really Simple SSL, of course! In order to achieve this you will need to download and install this plugin. Again you may prefer using WordPress.org or the plugin installer system in your dashboard. Once it is installed simply activate it. Then the plugin will ask you to enable SSL and with just one click the connection to your website is secured. Simple as that!
Of course Really Simple SSL will warn you that you need to configure Google Analytics to use https instead of http.
You can fix this by going to your account and select the website Property and under Property settings to select https. The same needs to be done for your View under View Settings.
The next step is to create a new property in Search Console for the https version of your website (don’t forget to re-submit your sitemaps). Integrate it with Google Analytics (under Property Settings). Last but not least – edit your robots.txt file and add https instead of http for the url of you sitemap (if you provide such information there, of course).
With this you are done and you can relax! But just remember that any embedded content from non-https websites will not be shown anymore on your own. This is a security measure from the modern browsers. So consider uploading this content to your own website (if applicable) in order to make it visible on the respective pages. Otherwise simply remove it.
What if I need more features from a solution like Really Simple SSL?
Then you should consider purchasing the pro version of this wonderful WordPress plugin. Find out more on the official WordPress.org page of Really Simple SSL.
So what do you think, friends? Will you give this plugin a try? Share any thoughts and questions in the comment form below. Don’t forget to share this post in social media as well.
See you soon!