Starting July 2018 Google Chrome will mark all HTTP websites as “not secure.” If you haven’t made the switch to HTTPS by then, your site will be branded with a flaming red warning sign that undoubtedly will scare off your visitors.
For eCommerce websites, HTTPS or secure HTTP has been an absolute must for years, but now Google has decided that all sites must have the SSL certificate in place.
What is SSL anyway?
Every day we share our personal info when we go online. Whether you visit a website, log in,
sign up for a newsletter or buy something.
To protect your data from prying eyes, a secure connection needs to be established between your browser and the website you are visiting.
That’s where SSL comes in.
Secure Socket Layers encrypt the transmission of data making it much harder to steal information.
What does SSL look like?
You can see the immediate effect of SSL when you open your Chrome browser and type in your website’s URL. Which of these three symbols do you see in the navigation bar?
If you don’t have an SSL certificate installed you probably see the grey i. After July 2018 that will turn into the red Not secure symbol. Not good. What you do want is the green padlock Secure instead.
This 3-step guide to HTTPS is for self-hosted WordPress websites only.
Before you make any changes remember to make a backup of your entire site and database. An easy to use plugin for backing up your data is Updraft.
Step 1 : Get your SSL certificate
You can get the SSL certificate for your domain directly from your hosting provider. Some providers offer free SSL with their plans others charge a fee. Check your provider’s website and your Control Panel to see how it works for you.
In some cases the SSL certificate can be installed with a click from your Control Panel in other cases you have to ask your provider to install it on your server. In either case, it will take at least a couple of hours before the certificate is active.
Step 2: Install the WordPress plugin
The next step is to redirect your site from HTTP to HTTPS. You can do this manually by changing settings and adding code, but there is a plugin that will do all this for you.
Install the free plugin Really Simple SSL. After activating the plugin, follow the instructions to activate the SSL. You need to log in again to see the changes.
If you go to Settings -> General on your WP Dashboard you will see that your website address is now HTTPS.
Step 3: Setup Google Analytics and Search Console
After you moved your site to SSL, it is important to adjust the settings in Google Analytics and Google Search Console as well. Your website should be recorded as https there as well.
Follow the instructions on the Really Simple SSL plugin website.
If you don’t have Google Search Console (previously named Webmaster Tools) for your website, you should get on that asap. This free Google service helps you monitor and maintain your site’s presence in the Google search results.
Now go to your website and check for the green padlock. You might have to clear your browser’s cache first to make it show.