[UPDATED: SEP 2020]
Secure or not, it’s one of the decisions you have to make when designing your WordPress website. Unsure what I mean by all that, read on as I will discuss the benefits of adding security to your website, different options available in the market, and how you can get a WordPress SSL certificate for free with a plugin and Cloudflare in few simple steps outlined below.
Wait, did I just say you can get a WordPress SSL Certificate for Free? Before we dive into how to get that done let’s take a quick look at what SSL is all about and why you should install it.
What is an SSL Certificate?
SSL is a standard security protocol that builds up encoding links between a web server and a web browser. In this way, guaranteeing all communication that occurs between a web server and browser(s) remains encrypted and thus private. SSL Certificate is today an industry standard that is used by a huge number of sites worldwide to secure communications and data that is transmitted online through the sites.
Why Use SSL?
But why should you worry about security if you only have a simple blog/website? Well to start with, each website on the Internet ought to be served over HTTPS. Here are a few reasons:
- Performance: Modern SSL can really improve page load times.
- Search Ranking Boost: Search engines support HTTPS sites more.
- Security: Encrypting traffic with SSL guarantees nobody can snoop on your info.
- Trust: Building trust by showing a green lock in the address bar of the browser.
- Regulatory Compliance: SSL is a key part of PCI compliance.
Now when you visit your site you may notice a “Not Secure” message on your browser in the URL Bar. It means that you do not have an SSL Certificate installed and your site is not secured. But I can help with that …
HOW TO Get an SSL CERTIFICATE?
As always, there are few ways of turning your WordPress site web presence into a secure website. One of the quickest ways is to purchase an SSL certificate when signing up for your web hosting. Most of the “advanced” WordPress packages available hosting providers like GoDaddy include SSL certificates as part of their offers.
But what can you do if you’ve already committed to a WordPress hosting package and it didn’t include any security measures? Most web hosting companies offer SSL certificates for purchase but keep in mind there is a cost associated with that ($80+ per year). So, if you prefer to buy and let the pros look after your website’s security, go right on and if you are looking for a good discount to get started I can highly recommend GoDaddy’s 30% off on SSL certificates.
And since I like to save the best for last, with little tech skills and my instructions below, you can also install a WordPress SSL certificate for free with Cloudflare. It’s not as difficult as it may sound and certainly will not add on yet another expense to your list of outgoing payments to maintain your website.
WORDPRESS SSL Certificate For Free in just 5 steps
Below I will show you how to get a Free WordPress SSL Certificate for your WordPress website using Cloudflare to get a secure message with a lock symbol. So by obtaining an SSL, it’ll build your visitors to trust your web site and your content.
- Create a new account on Cloudflare
- Add your website to Cloudflare account
- Change your Name servers in the domain
- Install the Cloudflare plugin on WordPress
- Enable SSL Certificate on Cloudflare
At this point, you should have your WordPress website launched and ready to go with admin access to your WordPress dashboard and the ability to change the setting in your domain’s nameserver.
Step 1 – Create a new Account on Cloudflare
Let’s start by setting up a new account on Cloudflare. Cloudflare is a website, which will provide you with the SSL Certificate for free. You simply need to create a new account on Cloudflare, you just go to www.clouflare.com and enter your email and password to create a new account.
Step 2 – Add your website to Cloudflare
Add your website to your Cloudflare account. Just add your website domain (www.yourwebsite.com) to your new Cloudflare account then select the setup you want to use and click “confirm“. Now Cloudflare will provide you with your name server details which you will need in the next step.
Step 3 – Change Your Nameservers
It’s time to configure the Cloudflare SSL WordPress Plugin feature in this step. You need to change the existing nameservers on your domain with nameservers provided from Cloudflare. To change your name servers, first, you’ll need to go to your domain provider’s website and login to your account. Once you’ve logged into your account, you will find your domain name. Now to change the name servers, just click “DNS” and then go to the nameservers section. Click “change” and select “Custom“. Then you will find two empty boxes, where you can enter the name servers provided from Cloudflare. Once you modify your nameserver in your domain name you can continue the setup in WordPress.
Step 4 – Install THE Cloudflare Plugin
Log into your WordPress dashboard and add the Cloudflare plugin. To install the plugin, simply visit the WordPress dashboard and click on “plugins” then click “add new“. Now look for Cloudflare Flexible SSL and once you got the plugin click “install” then “activate“.
Step 5 – Enable SSL Certificate
Once the plugin is activated in WordPress it’s time to enable SSL in Cloudflare. To change SSL, visit the Cloudflare web site and click on the lock icon within the high menu. Now scroll right down to “Always use https” section and so flip it on. Now once you switch it on, your website will be secured with SSL. If your website didn’t load properly, simply wait for some time to check again or load it from a totally different device. Cloudflare will also send you an email to keep you updated on the process so keep an eye out for that as well.
The Best way to secure your WordPress website
If you have followed the instructions above, congrats to you as you have just installed your WordPress SSL Certificate for Free. And moving forward visitors to your website will no longer see “Not Secure” warning but will be served an HTTPS version (https://www.yourwebsite.com) of your web presence.
And should you know any other ways of securing your website and installing a WordPress SSL certificate for FREE, feel free to share in the comments below.
Editor’s Note: This post was originally published in January 2019 and has been completely revamped and updated for accuracy and comprehensiveness. In addition, I believe in transparency. If you use my referral links above, then I will get a small commission at no additional cost to you.