Today, the security of web pages is very important. Google has already warned that websites that have an SSL security certificate, obtain SEO benefits and appear in better positions in the results lists. Which translates into more visits.
But it not only affects the SEO positioning of your website, but it has also become an essential requirement when creating an online store and selling online. If you are considering setting up an ecommerce, you should know that to guarantee secure payment it is mandatory that you implement it from the first moment.
In addition, in case you did not know, if your website does not have a security SSL certificate, browsers such as Google Chrome and Mozilla Firefox may show a ” non-secure web ” notice to people who try to access your page to warn them that they are in a potentially dangerous place . And this I assure you that it will scare them and they will run off your website.
For all these reasons, today I want to show you how to install an SSL certificate in WordPress, that is, how to change your website from HTTP to HTTPS and make it totally secure for you and your visitors.
Let us begin!
What is a Let’s Encrypt SSL certificate?
Before we get to work, it is important that you know what an SSL certificate is.
Surely you have looked more than once in those web pages that have in the navigation bar, where the URL of the web is put, a green padlock indicating that the web is secure.
This green padlock appears when a website has an SSL certificate and is totally secure for users. This means that when users fill out a contact form or enter personal and bank details, they are safe.
In case you have not passed your website to HTTPS, all this information is sent unencrypted. Which can be a serious problem, because there are people who are dedicated to capturing that information and using it with bad intentions. So just in case, the SSL certificate “encrypts” that information before sending it. In this way, if a hacker intercepts the information, nothing would happen since it would be encrypted and could not use it for anything.
How to install a free SSL certificate in WordPress and convert your website to HTTPS
Like almost everything in life, there are several ways of doing things. When migrating your website to HTTPS and activating your SSL certificate, the same thing happens, there is an extremely simple and automatic way, and another a little more laborious in which you have to take care of everything. In this guide we are going to look at both methods.
If you have a good quality hosting, you are in luck since you will only have to click a button and in a few minutes you will have everything ready and your website will work under the HTTPS protocol and you will have your SSL certificate installed.
Now you will see a screen with all the accounts that you have contracted in the hosting. Click on the one you want to enable the SSL certificate and click on Manage SSL Certificates.
Next, you have to click on a blue button that says Autos’. When you click, what it does is start the installation process of your free Let’s Encrypt SSL certificate for all the domains you have in your panel.
When it finishes loading, you will have already migrated your website to HTTPS and your page will be completely secure. Normally, this process can take about 10-15 minutes, so don’t worry if when trying to access your website you still don’t see the HTTPS protocol activated.
As soon as that period of time passes, your entire website will be safe and you will not have to do anything else. Easy, right? This is one of the advantages of having a good hosting.
Activate SSL certificate and transfer your website to HTTPS manually
This way of installing an SSL certificate on your website requires that you follow all the steps to the letter. If you skip any of them or do not do it as I am going to explain, it can give you problems and not activate correctly. So pay attention to all the steps.
Step 1: Go to your hosting and install your SSL certificate
The first thing you have to do is go to your hosting and see if they offer you the possibility of installing a free SSL certificate on your website. Normally, if you have hired a good web host, they themselves give you an SSL certificate to activate HTTPS in your WordPress. There are also payment options, but with the free Let’s Encrypt SSL certificate we have plenty.
To start installing it, look in your administration panel for a section that says Certificates, HTTPS Security, SSL or similar. Depending on the hosting you have, they may call it something else. If you have doubts, ask your provider’s support.
When you find it, you will surely see the free Let’s Encrypt SSL Certificate. Choose that one and install it on the domain you want to protect. Always choose the domain with the three www so that all versions of your website (www.yourdomain.com and yourdomain.com) go to HTTPS. www. your domain. Com and your domain. Com) switch to HTTPS.
Step 2: Change the URL from https to https
Now that you have your free SSL certificate installed, go to your WordPress dashboard (yourdomain.com/we-admin) and click Settings > General. There you can see that your website follows the HTTP protocol. So, change it to HTTPS: your domain. Com / we – admin) and click
After saving the changes, WordPress will remove you from the administration panel and you will have to log into your website again. This is normal since now your website has a different URL (now it starts with HTTPS instead of just HTTP).
Step 3: Replace the URLs in HTTP with the new ones with HTTPS in the database
Now you need to install a plugin that allows you to make this change in a simple way so go to Plugins > Add New and search for Better Search Replace. Install and activate.
When you have done it, in the WordPress Tools section you will now have a new option called Better Search Replace.
Once there, fill in the following fields:
- Search by: put your full domain “https://yourdomain.com” or “https://www.yourdomain.com in case your website goes with www.http: // your domain. Com “or” http: // www. Your domain. Com in case your website goes with the www.
- Replace with: put your full domain now with the https protocol “https://yourdomain.com” or “https://www.yourdomain.com in case your website goes with www.https: // your domain. Com “or” http: // www. Your domain. Com in case your website goes with the www.
Now select all the database tables in the box just below.
Finally, uncheck the simulation option for the changes to take effect and click on the Run search / replace button.
Step 4: Redirect all URLs from HTTP to HTTPS
Finally, you have to make all the old URLs that are still using the HTTP protocol to use HTTPS. In this way, all your pages that are indexed in Google and all the links that you have obtained to date (and that have HTTP) will redirect to the secure version of your website.
To do this, you have to modify the hatches file of your website.
If you have the Yeast SEO Plugin installed, go to the SEO> Tools> File editor section and paste this code in the hatches file at the beginning of everything:
Rewrite Engine on
Rewrite Cond% {ENV: HTTPS}! On [NC]
Rewrite Rule ^ (. *) $ Https: //% {HTTP_HOST} % {REQUEST_URI} [R = 301, L] https: //% {HTTP _ HOST} % {REQUEST _ URI} [R
If you don’t have Yeast SEO, don’t wait any longer and install it! In any case, you can also modify this file by entering the file manager of your hosting.
Change the version of your website in Analytics and Search Console
Now that you have converted your WordPress website to HTTPS, we are going to notify Google of these changes. We will do it first with Analytics and then with Search Console:
Convert your website to HTTPS in Google Analytics
Access your Google Analytics account and go to the Manage section (the one with the settings wheel on the left side menu). There you will see that there are 3 columns, look at the one in the middle that says Property. Click on the Property Configuration option and change the HTTP version and put HTTPS as shown in the following screenshot:
Repeat the process in the View column, View Settings section and that’s it! Convert your website to HTTPS in Google Search Console
Now we have to do the same in Search Console. In case you don’t know what this tool is for, just tell you that it is very useful to see information related to the crawling and indexing that Google does on our website. We can see in which position we have each keyword, how many clicks we receive on each result, add a sitemap and much more.
Access your Search Console account and you will see a red button on the right that says Add a property. Click and add two new versions.