How To Install SSL Certificate On Wordpress Site
This article detail how to install ssl certificate on wordpress site. Not only that SSL is one of google ranking factors but also ssl will help your wordpress blog more secure. You can get free ssl certificate which is safe and secure from lets encrypt. The benefit of using lets encrypt is you can install ssl on many sites on the same Ip address. Many hosting provider make use of lets encrypt to provide free ssl on their shared hosting service.
Similarly, you can secure your site with commercial ssl. One thing you should consider is, you can only install ssl on one site on your shared hosting account. If you are using VPS, you can only install one ssl on the same IP address.
Before beginning the set up, it is recommended to make a back up of your site. When something is going wrong, you can restore the back up.
Why SSL Is Important
The use of SSL is to encrypt data transfer between server and user who is browsing your site. Theoretically it can transmit the data like username and password of your wordpress blog securely over the internet. It is because the server of your site is far away from your physical place. And You have to login to your site to write a blog post, don't you? And that is a digital world. You can not touch it, but you can see it.
The other benefit is SEO. Google is saying that the use of SSL on your site can have the benefit of SEO signal. It is surely you want to have this benefit, isn't it? Many seo companies find that the sites in the the top ten of search engine result page is using SSL right now. And it is increasing. So by installing ssl on your wordpress site, your site now have one essential seo ranking factor that is SSL. This is one of many factors to rank 1 on google.
Install Lets Encrypt
In this blog post, I will show you how to install ssl both free ssl from lets encrypt and commercial ssl on shared hosting and vps hosting. The two shared hosting I have been with are siteground and hawkhost. These two hosting provider have different installation procedure of lets ecrypt ssl.
1. Install Lets Encrypt On Siteground
To install lets encrypt on siteground shared hosting, follow these steps :
- Point your site to name server of siteground.
- Login to your siteground account.
- Login to cpanel.
- Click on lets encrypt.
- Install ssl on domain.
The lets encrypt renewal will run automatically. So you do not need to renew it manually.
2. Install Lets Encrypt On HawkHost
Installation procedure of lets encrypt on hawkhost shared hosting is easier than on siteground shared hosting. You do not have to install the ssl with step by step like in siteground shared hosting. All you have to do is, point your site to name server of hawkhost shared hosting and add the domain to hawkhost shared hosting via cpanel. Then the ssl will be installed automatically. The auto-renewal of the SSL is on automatically. So yo do not need to renew it manually.
3. Install Lets Encrypt On VPS Hosting
This method I have done in few vps provider such as vultr vps hosting, ramnode and digitalocean, etc. To install lets encrypt on many site on the same Ip address, follow these steps :
1. Download the script
wget https://dl.eff.org/certbot-auto2. Make it executable
chmod a+x certbot-auto3. Move the script
sudo mv certbot-auto /usr/local/bin/4. Change the group ownership
sudo chown root /path/to/certbot-auto5. Change the file permission
sudo chmod 0755 /path/to/certbot-autoTo install the ssl, run this via command line:
sudo certbot --nginx certonly -d yourdomain.com -d www.yourdomain.comIf you are using nginx webserver.
or
sudo certbot --apache certonly -d yourdomain.com -d www.yourdomain.comIf you are using apache webserver.
Thing you have to remember is, lets encrypt will attempt the renewal of the ssl every 3 months. So make user the auto-renewal is on.
Install Commercial SSL
There is a lot of ssl provider you can buy ssl from. The cheapest ssl provider is www.ssls.com. You can get ssl of $ 3,77 from it. Another popular ssl provider is namecheap, digicert.com, rapidssl.com, etc.
For this tutorial, I am using the installation procedure of SSL that I buy from www.ssls.com . To install ssl on unamanged vps provider, follow these steps :
1. Generate CSR of your domain.
openssl req -new -days 365 -nodes -newkey rsa:2048 -keyout yourdomain.com.key -out yourdomain.com.csrOr
openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain_com.pem -out yourdomain_com.csr -subj /CN=yourdomain.com; cat yourdomain_com.csr2. Copy paste the CSR to the page that is provided.
nano yourdomain.com.csr
3. Provide an email which is using your domain, like admin@yourdomain.com. Make sure the email is working. If you buy domain from google, you can setup an email forwarding. In this way, every email that is sent to admin@yourdomain.com will be redirected to your gmail account. So you do not have to have real email admin@yourdomain.com.
4. Soon after that, you will be received an email contain ssl certificate validation. You have to click on the particular link. The email will show you which link you should click to browse a validation page, then copy paste the validation code.
5. If the ssl certificate validation is success, you will be received the ssl certificate of your domain via email. There are two files, yourdomain_com.ca-bundle and yourdomain_com.crt. You have to combine these two files by doing this via command line.
cat yourdomain_com.ca-bundle yourdomain_com.crt > ssl-bundle.crtUpload the ssl-bundle.crt to your hosting.
Enable The SSL
After the installation of the SSL is complete, you have to enable the SSL. So that all the visitor of your site will be moved from http to https.
1. Apache Webserver
If you are using apache webserver, you have to place this code below into your .htaccess configuration
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>2. Nginx Webserver
If you are using nginx webserver, you have to set up your site configuration to look like this :
server {
listen 80;
listen [::]:80;
server_name example.com;
return 301 https://$host$request_uri;
server {
listen 443 ssl http2;
listen [::]:443 ssl http2; # IPv6 support
server_name example.com;
ssl_certificate "/etc/letsencrypt/live/yourdomain.com/fullchain.pem";
ssl_certificate_key "/etc/letsencrypt/live/yourdomain.com/privkey.pem";
....
}If you are using paid ssl, replace the ssl certificate with this code :
ssl_certificate /var/www/ssl/yourdomain.com.crt;
ssl_certificate_key /var/www/ssl/yourdomain.com.key; When the code, both for nginx webserver and apache webserver, is placed properly your site will be redirected from http to https.
3. Using Wordpress Plugin
There is a really simple ssl wordpress plugin that can help to redirect all http to https automatically when it find ssl certificate is configured properly. If the ssl certificate is not configured properly, you will see a message in your wordpress admin like this:
Really Simple SSL failed to detect a valid SSL certificate. If you do have an SSL certificate, try to reload this page over https by clicking this button:
SSL Server Test
To check the ssl is working properly, visit this page: www.ssllabs.com/ssltest. Place your domain https://domain.com, then click submit. The site will show you the result. Just wait to see the result.
If you find one of the pages is insecure, you can use the site www.whynopadlock.com to check which part of the page is insecure. Place insecure page and click test page button. You will see the report immediately. Then you can fix it.
Conclusion
Free ssl lets encrypt is the best known as free ssl provider you can install on many site you have on both shared hosting and vps hosting to secure your site. The installation procedure of it is very simple. The configuration of the site to enable the ssl is also dead simple. So you do not have any excuse not to implement it on your wordpress site.
Another option is to install paid ssl on wordpress blog. It is going to need $ 3,77 at minimum. The limitation of it is you can only install the SSL on one shared hosting account or one ip address.
Tags :