You can see it in your everyday life, as developed as it is already, the Internet keeps growing at an impressive speed every minute (chart if you want 2019’s numbers). The growth goes along with growing threats on businesses and websites, threats that can make you lose pretty big money if your WordPress website is destroyed or your data compromised.
An SSL certificate provides security for communications online by enabling connection encryption between a web browser and your website. It testifies that the data received by your website’s visitors was sent by the website and not by a third-party.
On top of securing your website, an SSL certificate will improve your rankings in search engines. Google values security and will favor websites in its rankings, as they confirmed officially, but they didn’t say exactly what was the impact on rankings.
Thankfully, installing an SSL certificate has become very easy nowadays. All serious web hosts have SSL certificates available either for purchase, for free, or both options.
In most cases, free SSL certificates are provided by Let’s Encrypt, a global initiative to make the web a safer place. For example, if you are on a Dreamhost, installing the certificate is as easy as going to your panel, in the left-hand side, choosing the Domains section, then SSL & TLS certificates, then clicking on the big ADD blue button next to the domain name.
You will then get to choose between a free or paid SSL certificate. For a website that doesn’t have any sensitive data, you can go ahead with the free plan. For anyone handling sensitive data, such as business transactions (online sales) or community accounts, I strongly suggest that you pay a small fee for the extra security and warranty.
Once your SSL certificate is setup on the hosting side, you can go ahead and set it up in WordPress. For that, the easiest solution is to go with a plugin. I strongly suggest to use Really Simple SSL (WordPress.org plugin page).
First, you will need to install the plugin. If you don’t know how to install a WordPress plugin, just check out this page.
Once this is done, you will be offered to activate SSL on your WordPress install. Click on enable and log back in the website to be on the https version.
That’s it! You SSL certificate is activated on the site. The plugin offers a settings page where you can enable debugging to check if everything is working smoothly, so I suggest that you verify this.