What to do about SSL for WordPress and What I Did
Have you started a WordPress website with a hosting provider and when you’ve come to set up SSL (Secure Sockets Layer) been completely bamboozled with the process. This was what happened to me recently. So here’s what to do about SSL for WordPress and what I did.
The History of SSL/TLS
When Google first started favouring sites that had been secured with SSL in 2016 it was quite expensive to get the little lock in the browser. Fortunately, the price has come down with some hosts even providing SSL for free. Well some say free as long as you set it up and maintain it yourself.
SSL/TLS (TLS stands for Transport Layer Security) has been around since the mid nineties in its first iteration as SSL. Fast forward to 2018 and we have the current platform. It’s prime function is to provide a authenticity for both your website and the website being communicated with. Alongside of this is a confidential connection which protects the information that is communicated. Lastly SSL/TLS gives the process integrity by stopping any change to the data while it is being transmitted.
When I signed up with Wealthy Affiliate that same year it wasn’t long before they were offering SSL for their websites and as long as you were a premium member, SSL for your domain or domains was all part of the package. One less thing to worry or stress about.
What it does for you?
Having said that if your site is simply a personal blog or purely informative the need for SSL may not be as high. What it does for you if you’re offering products or services for sale and want to accept any payments (you could be a charity or nonprofit) is to enable a connection with another computer that has integrity, is confidential and authentic. SLL is mandatory if you want your site to be indexed in Google. If not, any potential customer will be greeted with a message saying that your site is not secure.
It was a bit of a surprise for me when I opened this new portal into the cyber world on an unfamiliar hosting platform that though it said the SSL was free I would have to set it up myself and then maintain it. What would I do about SSL for WordPress? There was a video tutorial in their help centre but when I read in the reviews that customers were having difficulty and even the CEO was recommending that they could get some assistance from an SSL provider I decided I needed to take matters into my own hands.
What to do if you’re running WordPress
I kind of knew what I was in for when I installed and was running WordPress. It already had Really Simple SSL installed as a plugin. When I tried to set it up, it all seemed a bit convoluted with extra bits to sign up and pay for. So I gave up and deleted it. When you’re a drag and drop builder kind of guy you want easy. Really Simple I didn’t find that easy. I searched around for other options.
I went back to the hosting provider and saw that you could pay for and activate WildCard SSL for close to $100.00 per year. Not a bad option at less that $10.00 a month.
I typed in SSL in WordPress Plug-In keyword search and came up with 3 options Really SimpleSSL, Zen SSL, and WP Encryption. You already know my concerns about Really Simple.
The great thing about these plugins is that you can see if they’re compatible with the current version of WordPress. Both Really Simple and WP Encryption had their compatible badge. Zen SSL did not.
That left me with one option – WP Encryption and for $49.00 to go Pro with a lifetime licence I thought that was the best deal. I was hoping it would be easy to set up too.
Setting up WP Encryption
I wasn’t wrong. Once I had purchased WP Encryption and downloaded it to my computer I was good to go.
It was easy to go into plugins in WordPress and click on Add New. Where it says Add Plugins there is a button next to it with Upload Plugin on it. Click on this and then go down to the Choose File button in the middle of the page and click. Find where you saved the WP Encryption file to and open it. It should be in a zip file. Then click Install now and follow instructions.
They do market it as one click. It took me two. I was quick to forgive though, because following this second click there was no problem with the set up.
What WP Encryption does is it automates the certification for SSL from Let’s Encrypt. Let’s Encrypt is a not for profit Certificate Authority that supplies over 200 million websites with an SSL or TLS certificate.
If you’re unsure if your hosting provider supports Let’s Encrypt they have a list of hosts to check. In the NameHero (I host LightingYourFire here) resources I found reference to Let’s Encrypt but there was no sign of them on the list of providers.
So just be aware that if your Host doesn’t rate a mention that doesn’t mean that you can’t set up WP Encryption SSL on your WordPress website. If you want to pay the $49.00 for a lifetime license you’ll make the process pretty stress free.
If you have any problems with the set up I maybe be able to help. Just leave a comment in the section below and I’ll get back to you.
There are also videos to help you on YouTube if you run into difficulties.
On its page in WordPress.Org there are videos and screenshots to help you with set up.
It’s easy to go with what is considered the status quo when setting up a WordPress website and if you have it, just to pay the money to get set up. Most companies who market plugins will set them up on your site for a fee. This could be an option if you’re really stuck.
I said earlier Wealthy Affiliate had free SSL/TLS built into their platform. Read a review HERE.
I’m glad I made the effort to look for an alternative and hope this gives a pathway for you to follow if you find yourself in a similar situation.