Letsencrypt Wordpress

Posted on by



  1. Letsencrypt Wordpress Godaddy
  2. Letsencrypt Wordpress Ubuntu
  3. Letsencrypt Wordpress
  4. Letsencrypt Wordpress Digitalocean

Hey there fellow bloggers. This is Parvez and in this article I will show you how to configure Let’s Encrypt SSL with WordPress. This will be a small, easy to follow guide. After you complete all steps mentioned, you will have a completely free SSL certificate by Let’s Encrypt and your WordPress site will be migrated from HTTP to HTTPS.

Before beginning, let’s get some idea about SSL, Let’s Encrypt and things required for successful setup. If you already know about them, you can skip to Step 1 right away.

What is SSL and Why Should You Use It?

SSL stands for Secure Socket Layer which is predecessor to TLS (Transport Layer Security). In short, SSL provides encryption during data transmission on the Internet. Without SSL, any data being transferred between your visitor and your server is unencrypted.

Unencrypted traffic can be snooped-over by users with malicious intentions. It is easy for hackers to eavesdrop on sites without SSL -and are prone to attacks like man-in-the-middle attack. If you have any data that should be confidential –like user details, payment information etc., then you must use SSL on your site.

Secure your WordPress site with SSL certificate provided by Let’s Encrypt®. WP Encryption plugin registers your site, verifies your domain, generates SSL certificate for your site in simple mouse clicks without the need of any technical knowledge. Method 2: Add a Free SSL to WordPress Using Flywheel Hosting and Let’s Encrypt Flywheel hosting ( reviewed ) configures SSL certificates pretty rapidly as well. It definitely takes a little longer than SiteGround, but the steps are nicely laid out, and you receive a few guides along the way for additional configurations. Let’s Encrypt works with valid domain and a working server that the domain is pointing to This setup assumes that your domain name is called example.com and is pointing to your server with IP address 192.168.1.2 Don’t forget to also make sure www CNAME is pointing to the domain name. Should look like something below. Hello, In the last couple of months, I had to install LetsEncrypt on a lot of WordPress sites and there wasn’t a single WordPress plugin that generated, verified and installed an SSL certificate along with HTTP to HTTPS redirection. I spent the last two months developing ‘SSL Zen’ a WordPress LetsEncrypt plugin that helps you to - Verify domain ownership using HTML file upload. However, this is a required step if you have just added Let’s Encrypt on a WordPress site that is not on a WP Enthusiast or WP Professional hosting account. To update your site address, you need to change the WordPress Address URL and Site Address URL in your WordPress editor.

This is why financial institutions use the strongest security possible and their URLs always begin with HTTPS. A site with HTTPS and the green padlock sign means your connection is encrypted.

SSL certs also increases your visitors’ trust in your site. In fact, your site can also gain a small boost in Google rankings. This is why, even if your site isn’t going to have data that should be kept safe, you should consider using SSL.

What Is Let’s Encrypt?

SSL certificates are issued by CAs (certificate Authorities). A genuinely issued cert makes it sure that you have legitimately obtained it and you are the intended owner. The bad part? These Certificate Authorities charge some hefty piece of money to issue SSL certs for you.

This is when Let’s Encrypt comes in picture. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG). The ISRG is a US-based non-profit and consists of members from organizations like Mozilla, Cisco, Akamai, Electronic Frontier Foundation (EFF) and more.

Let’s Encrypt is a CA itself which issues SSL certs for free. That’s right, completely free! Let’s Encrypt is completely automated and easy to use. You can issue a cert on your own within moments –free of charge. Every new cert is issued for three months –after which it is renewed automatically.

All modern web-browsers recognize SSL certs issued by Let’s Encrypt so you don’t have to worry about your visitors not being able to browse your site.

Sounds good? Of course it does. So let us learn how to configure Let’s Encrypt SSL with WordPress.

Requirements

A Let’s Encrypt-friendly host: Your host should support Let’s Encrypt and provide the option in cPanel. If your host provides commercial SSL service, it probably won’t support Let’s Encrypt in favor of their own SSL business. Get in touch with your host if Let’s Encrypt is not natively supported.

Hosts like SiteGround natively support Let’s Encrypt (despite having their own SSL products). Last time I checked, hosts like NameCheap or GoDaddy doesn’t support Let’s Encrypt.

Some knowledge of cPanel: You will be issuing SSL certificate from cPanel.

Patience and ability to keep calm if things don’t go as expected.

Note: If your domain begins with WWW, make sure to add WWW everywhere your domain is entered in this guide.

How to Configure Let’s Encrypt SSL with WordPress?

Step 1: Issuing a New SSL Certificate

Okay, we will be generating a new SSL cert from Let’s Encrypt. For this, log-in to your cPanel and find Let’s Encrypt. Note that you will find Let’s Encrypt option only if your host supports it.

Enter Let’s Encrypt and scroll down to Install new Let’s Encrypt Certificate.

Select your domain from the list (if you have more than one) and enter an email address you’d like to register the SSL certificate with.

Click Install and let Let’s Encrypt finish its process. It should take no more than one minute to generate a new certificate for your domain.

After a new cert has been successfully generated, you will see it under Installed Certificates. Also notice its status and Renewal Date.

Very well, you have just obtained a new Let’s Encrypt certificate for your domain.

You can now browse your domain by adding HTTPS:// and it should open without warning. If your browser shows certificate warning, then clear browser cache and wait for some time before browsing your domain with HTTPS again.

Once you make sure that your site is being browsed with HTTPS, you can proceed to next step.

Step 2: Configuring WordPress to Work with HTTPS

So your domain has just received brand-new SSL certificate from Let’s Encrypt for free. Thanks Let’s Encrypt! Now you’ll need to configure Let’s Encrypt SSL with WordPress.

To do so, log-in to your WordPress dashboard and go to Settings > General.

You will see Site Address (URL) field there. You’ll have to make a small change here. Replace HTTP:// with HTTPS://. So if your URL is http://mycoolblog.com then it becomes https://mycoolblog.com.

Save the change. Easy! now it’s time to redirect all not-HTTP traffic to HTTPS. Keep reading on next page.

When hearing about SSLs, you most likely land in two groups: The ones who have no idea what I’m talking about right now or the folks who have attempted (or implemented) a website SSL for a fee.

If you’re in the first group, fret not. We’ll explain what an SSL entails and why it’s important for a WordPress site. For those paying for an SSL, we have good news for you. There’s no longer a need to keep that around as an expense.

Why?

Because free SSLs are currently available through a nonprofit called Let’s Encrypt.

If you keep reading we’ll cover all of the options you have for adding a free SSL to WordPress, along with some additional tips, and of course, the initial explanation of what an SSL does.

SSL? What’s That?

I’m glad you asked.

An SSL (secure sockets layer) is a form of technology used to encrypt the data being passed between the browser and server. Encryption ensures that all of the data remains private and secure.

Since the internet is a rather insecure place without encryption, security plugins, and spam deterrents, it wouldn’t seem like a good idea for users to share their personal information if it lacked this protection.

The interesting part about browsing the internet is that information about each user gets shared, sometimes without the person knowing. Then, of course, there’s the act of shopping online and signing up for accounts, which both require you to punch in details like your name and all the way to sensitive information like your credit card number.

Although you may not know it, most reputable websites have SSL encryption. Therefore, your information is safe. However, owning a website brings up a new responsibility to protect both your business and its customers.

In short, an SSL certificate keeps bad guys from trying to hack in and steal the data transferred from server to browser. If a website tries to fake an HTTPS, yet the SSL certificate doesn’t match up, the user sees a warning that the site might not be safe to visit.

How Does Let’s Encrypt Tie In?

Before Let’s Encrypt, SSL technology required some sort of payment. However, that has since changed, since a wide range of companies like Google and Mozilla have come together to sponsor the efforts of Let’s Encrypt, strengthening the overall security of the internet.

Now that you have a general idea of what an SSL certificate does for your site, keep reading to see exactly how to go about gaining access to your free SSL certificate.

Your Options For Implementing Free SSL On a WordPress Site

The SSL with Let’s Encrypt is always free. That said, you’ll have to pay for a hosting account in order to get it. But since you’ll need a host to launch your website, that was going to be a given anyway.

Here are the options for getting an SSL on your site:

  • Sign up with SiteGround Hosting (They offer a free SSL)
  • Sign up with Flywheel Hosting (Also free for an SSL)
  • Integrate Let’s Encrypt on any site that’s not hosted by the two options above. (This method is a little trickier)

The good news is that a few hosting companies provide SSL integration in the CPanel. Therefore, it’s similar to the WordPress one-click install button we’re all used to by now. They make it much easier for beginners, and the more advanced users can cut down on the time they spend for their clients.

What’s more is that any hosting site can technically support an SSL. Therefore, it doesn’t matter which host you go with. However, it’ll most likely take a little longer and potentially require more technical knowledge.

Method 1: Add a Free SSL to WordPress Using SiteGround and Let’s Encrypt

Seeing as how Let’s Encrypt is already integrated with SiteGround, you won’t have to go through much trouble to figure this out.

Start by logging into your SiteGround hosting account. Navigate to your CPanel and locate the Security section. You’ll have to scroll down on the CPanel since this section is towards the bottom.

A few options are given to you, but you should click on the Let’s Encrypt button.

This leads you to an area that displays all of your installed SSL certificates. You might actually have one already, so if that’s the case, you don’t have to continue. However, if the list of Installed Certificates is empty, go to the area that asks you to install a new Let’s Encrypt Certificate.

Select the domain you’d like to use, and type in the email address that’s most appropriate. Hit the Install button to proceed.

Letsencrypt Wordpress

It generally takes a few minutes to process the request, but afterwards you’ll see a box that tells you the setup was a success.

In my opinion, SiteGround has the quickest and easiest method for adding a free SSL to your WordPress site. Therefore, if you are just launching a new website, the SSL setup delivers a solid reason to consider SiteGround for your hosting.

Method 2: Add a Free SSL to WordPress Using Flywheel Hosting and Let’s Encrypt

Flywheel hosting (reviewed) configures SSL certificates pretty rapidly as well. It definitely takes a little longer than SiteGround, but the steps are nicely laid out, and you receive a few guides along the way for additional configurations.

To get the ball rolling, login to your Flywheel hosting account. The Flywheel dashboard shows a tab called Add-ons. Scroll over this to reveal a few more options. Find and select the Add SSL Support button.

Two options are available when it comes to your SSL. The first is the free Let’s Encrypt solution. For this tutorial we’re going to be selecting that. However, you also have the option to bring over your own certificate if you’ve purchased one in the past. However, the setup is going to cost you $10 per month.

After you choose the free one, click on the Configure SSL button.

Personal information is required to get an SSL. Therefore, the next page asks for details like your address, organization, email, and domain.

The next step requires you to select the domain you’d like the SSL to work on. Keep in mind, this is the only domain the SSL will function on. It’s recommended you select your primary domain, but it’s not required. Flywheel also lets users add new domains if they’re just getting a site configured.

Once you have the right domain, click on the Complete SSL Setup button.

Download office for mac trial version. Note: SSLs can only be assigned to individual domains. So, you can’t go in there and place an SSL on a network of sites. You’ll have to do it one by one.

It usually takes about 15 minutes for the SSL validation, but once it’s done you’ll see a new tab in the Add-ons menu item. Skype download for mac 10.4 11. However, this assumes you already have a site launched on Flywheel with a domain pointing to this Flywheel site.

The SSL status changes to Active when everything is running properly.

If You Need to Validate Your Domain

Some users don’t have their sites live yet. Therefore, they’ll receive the following message before they can do anything else.

Letsencrypt Wordpress Godaddy

Since the site isn’t live yet, it means you must validate your domain. The Get DNS Help button serves as your best friend when trying to figure out how to point your DNS to Flywheel. The company also provides a guide on validating your domain for a Simple SSL.

We recommend walking through those steps in order to launch your site and make your SSL active.

Method 3: Adding a Free SSL with Other Web Hosting Companies

The whole point of Let’s Encrypt is to make it free and available to everyone in the world. Therefore, the only requirement for using Let’s Encrypt is a domain.

So, if you decide to go with a host like Bluehost or GoDaddy, you can still add a free SSL, even if they don’t provide integrated solutions.

Look around your host’s CPanel to see if they offer a built-in SSL tool. If that’s not the case, you can generally find documentation support areas to help out. The final outlet is to contact the support team and ask them to walk you through it.

The reason we’re recommending documentation and support teams is because each setup process differs depending on the hosting company you choose. Therefore, it wouldn’t be prudent to cover just one or two of various other possible hosts you could go with.

Important: Make the Shift From HTTP to HTTPS

Since your site is now secure with an SSL, you’ll need to switch your WordPress URL to HTTPS.

Chances are it’s currently HTTP, looking something like this: http://www.mysite.com.

The goal is to make it like this: https://www.mysite.com.

Not only does this let the browser and your users know the site is secure, but the SSL you just installed won’t work if the URLs aren’t modified.

Therefore, let’s walk through the steps needed to initiate this change.

If You Have a New Website

Switching to an HTTPS only takes a few steps with a new site. Open up your WordPress dashboard and click on the Settings tab. Change the WordPress Address (URL) and the Site Address (URL) to include the HTTPS at the front of your domain.

After you hit the save button the setup is complete.

If You Already Have an Existing WordPress Website

Changing to an HTTPS for an existing site is the same as with a new site.

However, a live WordPress website has already been indexed by Google, and I’m sure you have some incoming links from other websites. None of the links are going to work unless you redirect them to the new HTTPS URL.

Letsencrypt Wordpress Ubuntu

Download and install the Really Simple SSL plugin. It does all the work for you, finding your SSL certificate and configuring your site to work properly with it. This includes redirecting links to the new URL and making it so that the search engines are indexing the right URLs.

Did You Have Any Problems Adding a Free SSL to Your WordPress Website?

Letsencrypt Wordpress

If so, feel free to let us know in the comments section below. As we talked about before, your best option is to go with a hosting company that includes an integration with Let’s Encrypt. These hosts make it simple for even the least knowledgeable developer.

If you’d rather go with a different host, simply take the time to walk through the documentation. Also, be prepared to speak with support reps.

Letsencrypt Wordpress Digitalocean

Other than that, congratulations on making your website more secure and desirable for all visitors!