SSL encryption adds a layer of security to your website that makes it harder for malicious actors to collect personal information submitted through forms on your website.
This post covers ways to obtain and install an SSL certificate.
Purchasing and Installing an SSL
Typically your hosting company is the best resource for obtaining an SSL Certification. Occasionally, your host may provide one free of charge or at a discount.
The details and cost of this are different for each host, but they will know exactly how to get your site served over HTTPS with a proper SSL certificate. Again, ignore “shared” or “self-signed” SSL options and make sure that you obtain a full trusted third-party SSL certificate.
Option 1: Generate a Let’s Encrypt SSL Certificate
In 2016, a new (and free) way to obtain “third party” SSL certificates was introduced called Let’s Encrypt. From the Let’s Encrypt about page:
Many web hosts are starting to offer Let’s Encrypt SSL certificates for free or at a reduced cost. If your host supports Let’s Encrypt, ask if they will set up the certificate for you. If your host won’t set it up, but you have SSH access to your web server (typical of dedicated or VPS-level hosting plans), you can generate the certificate yourself and setup your web server to use it.Guide to Installing a Free SSL
Option 2: Purchase an SSL Certificate
If you don’t have SSH access to your web server and your host’s provided SSL is not optimal, you may be able to install an SSL certificate yourself (e.g. through a control panel).
For this approach, you can purchase an SSL certificate from a “certificate authority” for use on your site. You may also want to purchase from a certificate authority if you want a Wildcard SSL, SAN SSL or other advanced SSL.
Here are some place where you can purchase and download SSL certificates:
- SSL For Free (Uses Let’s Encrypt. Free but must be manually renewed every 90 days.)
- GoDaddy (Expensive, but lots of options. Affiliate link.)
- AlphaSSL (Sign up for a reseller account for discounts if you plan to purchase many certificates for clients/etc.
Now Tell WordPress to Use the SSL
After successfully installing and configuring your SSL, you will now want to consider telling your WordPress site to always load over SSL.
Read the Guide: Configuring WordPress to Always Use HTTPS/SSL