Adding SSL and HTTPS in WordPress


Present days, SSL is important for every type of websites. It helps to make your website secure and earn the trust of your website’s visitors. Besides this, SSL certificate and HTTPS boosts your website ranking on various search engines. So, if you don’t have already added SSL to your website, it’s time to move from HTTP to HTTPS.

Are you want to move from HTTP to HTTPS and install an SSL certificate in WordPress site? This step-by-step guide will make it easier to add SSL to website. In this tutorial, we will show you how to add SSL and HTTPS in WordPress.

What are SSL and HTTPS?

SSL (Secure Sockets Layer) creates an encrypted layer when data passed between two systems. Whether it is server to server or server to browser communication, SSL encrypts the data to make it secure. SSL and HTTPS both are used to protect the online data by creating a secure connection between browser and server.

  • SSL – Transport Layer Security protocol that provides communications security over a network.
  • HTTPS – HTTP over Transport Layer Security protocol that provides secure communication over a network.

SSL Certificate is a text file that contains encrypted data. SSL Certificate helps to make secure sensitive communications between your site and your customers.

Add SSL and HTTPS in WordPress

It’s very easy to add SSL and implement HTTPS redirection in WordPress. Follow the below step-by-step guide to install SSL and configure WordPress to enable SSL and HTTPS to your website.

Choose and Buy Suitable SSL Certificate

There are three commonly used SSL certificate types are available.

  • Domain Validation (DV): This certificate verifies the owner of the domain.
  • Organization Validation (OV): This certificate verifies the owner of the domain and organization.
  • Extended Validation (EV): This certificate provides the highest level of security with strict verification of the organization.

The cost of SSL certificate varies from one hosting provider to another. Generally, SSL certificate cost $50 – $250 USD per year. To add SSL to the website, choose a right SSL certificate as per your needs and buy it from a trusted SSL provider.

You can buy an SSL certificate for only $9/year at Namecheap.

Install SSL Certificate

Once you have done CSR (Certificate Signing Request) and purchased an SSL Certificate, your SSL Certificate will be signed and issued. Now you need to download SSL Certificate and install it on the hosting server. Otherwise, you can ask your web hosting provider to install it on your server.

Setup WordPress to Use SSL and HTTPS

Once you have SSL certificate installed on your server, now you need to configure the WordPress for using SSL Certificate. Configure the following settings to add SSL and HTTPS in WordPress.

  • Update WordPress URL to HTTPS:
    Login to your WordPress admin panel and navigate to Settings » General. Change the WordPress Address and Site Address, and add https://www. instead of http:// in the beginning.

    wordpress-add-ssl-https-settings-url-https-codexworld

    If you are implementing SSL in your existing site, you need to setup SSL redirect. Use HTACCESS file to setup SSL redirect from HTTP to HTTPS in WordPress.
    Add the following code in the root’s .htaccess file to redirect HTTP URL to HTTPS with www.

    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{SERVER_PORT} 80 
    RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
    </IfModule>
    

    Don’t forget to replace example.com with your site domain name.

  • Force SSL for Admin and Content:
    Add the following code above the “That’s all, stop editing! Happy blogging.” line in the wp-config.php file.

    define('FORCE_SSL_ADMIN'true);
    define('FORCE_SSL_CONTENT'true);
    if (
    $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'):
        
    $_SERVER['HTTPS']='on';
    endif;
  • Change All Links to HTTPS:
    If you’re adding SSL to your existing WordPress site, make sure all the links are modified with HTTPS. Otherwise, many browsers (Google Chrome, Firefox, etc.) may show the Not Secure and Mixed Content warning. It can be done by replacing all links from http to https in the database.

After successfully implemented SSL and HTTPS, a green bar will show in the address bar of the browsers.

wordpress-add-ssl-https-redirect-codexworld

Conclusion

Hope, this tutorial will help you to add SSL certificate and HTTPS redirection in WordPress. If you’re a newbie on WordPress or hosting, we highly recommend you to take our WordPress SSL & HTTPS Setup service for adding SSL and HTTPS to your WordPress site. This service is the best way to add SSL to WordPress without any hassle at a low price.

Are you want to get implementation help, or modify or extend the functionality of this script? Submit paid service request

Recommended Tutorials For You

2 Comments

  1. Arkaprava Majumder Said...
    • CodexWorld Said...

Leave a reply