skip to Main Content
Securing Your WordPress Website With SSL

Securing Your WordPress Website with SSL

We wrote about the importance of using SSL before. And we have been pushing for all our clients to get on board and get an SSL certificate. Not only is it good for SEO, but it also makes sure that browsers this year will not consider forms on your site that take user payment details or password details as insecure if they are not using https / SSL. So let’s talk about securing your website with SSL

Why do you need SSL?

So why do you need it? Well, one, it gives you more authority on the web and better SEO. But also, it is becoming more a more urgent to get an SSL certificate as more and more browsers will flag your sites / pages on your site as insecure when you ask for payment or Credit Card data in forms – think ecommerce – or password and do not use SSL. And that will look really bad on your site. Again, see earlier article on Chrome and SSL push.

What is SSL

SSL or TLS are basically two technologies to encrypt the connection from the visitor of your website to your website. So every time he enters data on your site in forms that data will be sent securely. Once a site is https secure you will see either a green lock in your browser or the lock and the word Secure.

How to get SSL

SSL can be gotten by either paying for an SSL certificate with a company that deals with it, by asking your host to arrange it or by taking care of itself. Normally your webhoster should have options available. Not all hosters have the free Let’s Encrypt option though so you may need to pay around €15-30 a year for it.

User Case

One of our long term clients Het Wapen van Enkhuizen, a hotel in the picturesque Enkhuizen, Holland has just had a lovely upgrade to a Comodo SSL certificate as well and is now completely secure. Giving it more authority on the web, better SEO and better preparation for an SSL only web in the future. Let’s Encrypt was not possible with their Dutch hoster Hostnet. So we went for a Comodo Positive SSL Certificate instead.

Now some technical details

Redirects

After adding modified WordPress rewrite

<IfModule mod_rewrite.c>
# BEGIN Force http to https
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
# END Force http to https
</IfModule>

and adding

define('FORCE_SSL_ADMIN', true);

to wp-config.php all traffic got redirected to https.

Hard coded Urls

Then we only needed to replace some hard coded urls inside header.php, style.css and replace image paths.

Image Paths replacement

For replacement of image paths in the database we used the search and replace script of the awesome company Interconnectit. And then we had a great secure Wapen van Enkhuizen!

Interested?

If you are interested in help with Securing Your Website with SSL we can take care of this for a very affordable fee of €50

 

 

Jasper

Been working with WordPress, SEO, content marketing and the web for 12+ years. When I am not coding, reading about the web or dreaming the web of things I travel or run a few blocks

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top