You have just started your WordPress website and know that it must be HTTPS to be secure. In my post, I will show you step by step how to make your WordPress site HTTPS. First, you need an SSL certificate. Check with your hosting company to see if they offer free SSL certificates. If they don’t, then you can get a free SSL certificate from Cloudflare. Second, set up an account with Cloudflare and add your WordPress website. Third, change your nameservers so that your website passes through Cloudflare’s servers. Fourth, activate the ‘Really S
Let’s make your WordPress site HTTPS.
- Head over to Cloudflare to set up a free account.
- Get started with Cloudflare.
- How to add a site to Cloudflare.
- Choose your Cloudflare plan.
- Cloudflare scan results.
- Changing your nameservers.
- Checking your nameserver update status.
- Activate the Really Simple SSL plugin.
- Conclusion.
Head over to Cloudflare to set up a free account
First thing we need to do is head over to Cloudflare.com to set up a free account.
Here is Cloudflare’s homepage.
Get started with Cloudflare
To get started, click on the ‘Sign Up’ link at the top.
Fill in the required details to create your account.
Once you have created your account. Then you can add your WordPress site to Cloudflare.
How to add a site to Cloudflare
After you sign in to your account. Click on one of the two ‘Add a site’ links.
Like this.
I will add this site (Newblogr.com) to my Cloudflare account.
Once you click on ‘Add a site’ link you go to this page.
In this box you type your website address. For me, I will add Newblogr.com, I will type that into the box and then click on the blue ‘Add Site’ link.
After you click on that link. There will be a short delay as Cloudflare begins the process of scanning your site.
When Cloudflare is ready to continue, you will see this message.
To continue with the process, click on the blue ‘Next’ link.
Choose your Cloudflare plan
The next step is to choose your plan. To get an SSL certificate for your website. Select the free plan. If you need more, then there are other options here for you.
I just want the free SSL certificate, so I am going to select the free plan.
To choose a plan, click on the one you want and then click on the blue ‘Confirm plan’ link.
Once you click on that link you see a popup asking you to confirm that you accept you will be paying a monthly subscription fee.
With the free plan there is no monthly fee.
When you have read and understood the text. Click on the blue ‘Confirm’ link.
Cloudflare scan results
After you click on ‘Confirm’. Cloudflare will scan your site to get the information it needs to set up your website on their system.
After the scan is finished, you will see this screen. Cloudflare will ask you to double check that they haven’t missed anything.
I have three sites on Cloudflare, they haven’t missed anything yet.
When you are ready to continue. Scroll to the bottom of this screen and you will see a link to move on to the next page.
Changing your nameservers
The last task to complete is to change your nameservers. You change your nameservers within the account of where you purchased your domain.
I always buy my domains from Namecheap.com. So if I need to change my nameservers I go to my account on Namecheap.
To change the nameservers for Newblogr.com in Namecheap, I click on the ‘MANAGE’ link on the right.
After I click on ‘MANAGE’, I scroll down until I see the section nameservers. I update the nameservers and click save.
When you change your nameservers, it takes up to about 48 hours for the internet world to know your new nameservers. In my experience, everything updates within 24 hours. Sometimes less.
Checking your nameserver update status
I like to check how quickly my nameservers are being updated when I change them. To check, go to www.whatsmydns.net. On this website, type your website address, select NS from the drop-down box and click search.
Like this.
You can see after only a few hours all my nameservers have updated except for one that is not showing in Los Angeles.
Activate the Really Simple SSL plugin
Now that you have your SSL certificate from Cloudflare. It is time to make your WordPress site HTTPS. The best and easiest way to do that is with the ‘Really Simple SSL’ plugin.
To get this plugin we need to go to ‘Plugins’ on our WordPress admin and select ‘Add New’.
Like this.
After you click on ‘Add New’ you come to the WordPress plugin library. In the search box on the top-right, type ‘really simple ssl’.
On my results page, the Really Simple SSL plugin is on the top-left. To install this plugin, click on the ‘Install link’.
After a few seconds the link will turn blue and say ‘Activate’. Click on ‘Activate’.
After you click on ‘Activate’. The plugin will check to make sure you have an SSL certificate. If you have done everything correctly, you will get this message.
The plugin will list some things that can’t be done automatically. It will also recommend that you run a backup before activating SSL.
Running a backup is always recommended when you make any major changes to your website. Should anything go wrong, then you can restore your site without losing any of your work.
If you are unsure on how to run a backup of your site. Please check out my other post, ‘How to backup your WordPress site.‘
When you are ready, click on the blue ‘Go ahead activate SSL’ link.
Once the plugin is activated. You will get a reminder to check your Google analytics and Google search console accounts. If you registered your site as an HTTP site. You should go back to those accounts and update them to HTTPS.
Conclusion
To stop your site getting tagged as insecure by browsers you need to get an SSL certificate. This certificate makes sure any data processed on your website is encrypted.
Websites that have an SSL certificate get the green padlock in the address bar, this green lock shows visitors that the website they are on is secure.
The first place to check about SSL certificates is your hosting company. Hosting companies used to charge for these certificates, but now many of them offer free certificates with their hosting packages.
If you have a hosting package that doesn’t come with a free SSL certificate. Don’t worry, you can get a free one from Cloudflare. Follow my instructions above and you will have a secure website in no time and not have to pay a penny.
Google and Bing give priority to HTTPS sites now. If you have not got round to making your WordPress site HTTPS yet. I highly recommend you put it on your to-do list.
Comments
How did you make your WordPress site HTTPS?
Do you use Cloudflare for your SSL certificate?
Did you know you could get SSL certificates for free?
I look forward to reading your comments.
