As I look after few websites including my own of course and now that Google is using website security as one of the important ranking factors, I’ve decided to upgrade all of the websites to https secure protocol. As an added bonus, I’m going to show you how to do it yourself and have the SSL certificate issued for free, saving you around $US40 every year!
Below this video that goes into all the required detail, I’ve listed the rough 6 steps that will have your website updated to SSL certificate https secured site.
Here are the rough steps before we go into more details.
- Obtain a free SSL certificate from https://www.sslforfree.com/.
Once you have your certificate, you will need to log into cpanel – www.yourwebsite.com/cpanel and upload the certificate. - Update your WordPress address from http to https.
This is done from your WordPress admin page www.yourwebsite.com/wp-admin - Update your WordPress website database to use https.
Use Better Search & Replace WordPress plug-in for this step - Setup 301 redirects & canonical for all traffic to use https
You will need to paste this code into your .htaccess file also within cpanel#Redirection code starts
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#Redirection code Ends - Update Google Analytics & Google Search Console
- Check your website is secure at https://www.whynopadlock.com
- Optional only if after these 6 steps, your website is still not showing the padlock icon confirming security.
You may have to use SSL Insecure Content Fixer WordPress plug-in to clean up your non https content automatically. See the video that shows you detail.
Your Connection to This Site is Not Fully Secure warning message – fixed below
**UPDATE
How to UPDATE Your FREE Let’s Encrypt SSL Certificate after 3 months
Let me know how this worked for you in the comments below and I’d be happy to answer any questions.
Followed all steps. Even the second video.
It’s still not working.
I see your site looks fine to me, let us know.
Hello Dario, great tutorial I follow all the steps, now all my site are showing the secure padlock except the homepage. I don’t know what else to do. Can you help me
Looking good now
thanks bro
Doesnt work for me.Still shows me the not secure red text.Pls help
Thank you very much Dario, what an amazing tutorial. Everything worked perfectly!
Would it be possible to have your support when the certificate expires and I need to renew it?
Done
https://www.youtube.com/watch?v=rnXTU-cO6gI
🙂
I have the same issue on my home page only. please help me with that.
Hello Dario,
Its a great Tutorial.
I followed your tutorial and it worked successfully for primary domain.
When i try doing it for the add on domain it fails.
My question-
– Should the add on domain’s certificate to be uploaded in the same folder , where primary domain’s certificate is placed? I tried, but it gives an error.
It would be great if you can help or make a tutorial for add on domains as well.
Any advice would be me guessing without googling it first. I know that I have a website where I had 2 installations of WordPress as in www . website .com and another inside the /second-wordpress yet I only needed one primary certificate for the main site (main WordPress installation). I know this is different but I’m hoping it could lead you down the correct path.
Thank you for this article. I manage to add SSL on my site kodementor. com Cheers!!!