Sloth Gets Secure (Adding AN SSL Certificate to Your Website)


Now that Zip has added some structure to his website with some pages and categories, we’re going to go over adding an SSL certificate to his website.

What is SSL?

SSL stands for Secure Sockets Layer. We’re not going to go into the technical aspects of how SSL works, but it adds security to your website.

If Zip looks at his browser, he can see that there’s a little unlocked padlock symbol and the words, “Not Secure.” This bugs me and I’d install an SSL certificate just to get rid of that!

Fortunately, most web hosting providers will provide you with a free “Let’s Encrypt” SSL certificate now, and it’s not too hard to install one.

So I Need SSL on My Website?

Yes, if you’re going to have an online store, a membership site, or otherwise collect private data. But even for other sites, SSL certificates are becoming standard. It’s nice to NOT have a “Not Secure,” warning for visitors to your website.

Adding SSL to Your WordPress Website

Let’s Encrypt SSL Certificate in CPanel

Zip’s going to install a free Let’s Encrypt SSL certificate to through CPanel.

Time needed: 20 minutes.

Adding A Let’s Encrypt SSL Certificate in WordPress

  1. Log into CPanel and Click on Let’s Encrypt

  2. Install the Certificate

    Choose your domain and click “Install.”

  3. Check and See if Your SSL Certificate Has Installed

    Wait a few minutes and refresh the page and see if your certificate has installed. Most of the time, it’s pretty quick now, for some hosting providers it may take a bit longer.

    A note for Cloudflare users: If you already are using Cloudflare and are trying to install a Let’s Encrypt certificate, and your certificate will not install, try changing your SSL mode in Cloudflare to Flexible, try installing the certificate again. When it shows that it has been installed, switch it back to Full-Strict.

    In the photo below, you can see that the certificate is now active. If Zip checks the front end of his website, he’ll see that he now has a little closed lock symbol in the browser where the Not Secure warning used to be.

  4. Change Your Domain Name in Settings

    Go to Settings>General and change the beginning of the URL for your site from http:// to https:// and save. WordPress will probably log you out and you’ll need to log back in at this point.

  5. Check your website for any mixed content

    Check your website thoroughly. Zip sees that he’s getting a non-secure warning on his post. Read on below for more about that.

What if I Don’t Have CPanel?

Some managed hosting providers do not give you cPanel access. Usually, adding SSL on these hosts is pretty straightforward. Check their documentation and ask your hosting provider if you encounter any errors.

I had a client who had a very basic hosting plan but did have the option of a free SSL certificate. On this hosting provider, you could turn SSL on using a simple switch. My client had done this, but SSL still wasn’t enabled on her website.

For this, the Really Simple SSL plugin was extremely helpful in enabling that certificate on her website.

Mixed Content

When he looks at his website, Zip sees that his post is “not secure.”

He tries going to the dropdown under Action and HTTPS Settings in Let’s Encrypt and turning on “HTTPS Enforce.” This should enforce the SSL on all page on his website and redirect non-https pages to https.

Https in cpanel adding an ssl certificate

and then after that turning on “External Links Rewrite.” Sometimes, if you’ve loaded resources from other resources, thaat website doesn’t necessarily use SSL and your website will still show a non-secure warning or a mixed content error.

Turning this rule on should create a “rule” in a file called .htaccess which will tell WordPress to rewrite any non-http resources to https.

HTTPS rewrites in Cpanel adding an ssl certificate

But, guess what? He checks his post again and finds that this didn’t work.

Enforcing HTTPS and Rewriting Exernal Links in Siteground

Zip’s website is hosted on Siteground, so it came with their optimization plugin, SG Optimizer, pre-installed. That give him a couple of easy options for enforcing https.

Enabling SSL in Siteground Optimizer adding an ssl certificate

He switches on Enable HTTPS and Fix Insecure Content and IT WORKS! No more insecure warnings.

But What if I Don’t Have Siteground?

But you might not have Siteground, and I intend to make this series for beginners. You can install a plugin to do the same thing. Try the WP Enforce SSL plugin, or again, Really Simple SSL, but you may need to get the pro version to diagnose mixed content warnings.

Of course, you could add rules to your .htaccess file, but that’s beyond the scope of this beginning tutorial (we’ll save it for another post.)

And there are times when some of your files may not get changed to https://. You might need to use a plugin like and do a search for replacing it with (and always do a test run first.)

But, right now, SSL on seems to be working just fine!

Let’s get on to design and adding a theme next!

Cute sloth with Yay adding an ssl certificate

How much love or how many cups of hot coffee does this post deserve?

Click to rate it!

Average rating: 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

As you gave this post a good rating:

Follow us on social media!

We're sorry you didn't like this post.

Help us improve!

Tell us how we can improve this post.

Cheryl Dimof
Cheryl Dimof
Cheryl is a "retired" Occupational Therapist who loves writing and is a WordPress enthusiast. She used to be like Rapid Rabbit, but these days, her spirit animal is Zip the Sloth.She's looking forward to getting more active again, though, and likes cycling, kayaking, meditation, reading and writes/blogs a lot.In fact, she crazily writes several blogs: Pacific Northwest and Beyond, Caffeine Journal, and as she actually worked in geriatrics and is actually getting older herself, is writing a blog about that: Ancient & Awesome.

More from author

Subscribe to Comment Notifications
Notify of
Inline Feedbacks
View all comments

Related posts

Write Something!

If you have a WordPress or blogging tip to share, consider writing a short post here.

Latest posts

Adding Google Analytics to WordPress

Zip has installed an SEO plugin. So he probably wants to be able to find out how many visitors are actually coming to his website and what pages they are viewing. In this post, he'll install Google Analytics using a plugin so he can start viewing analytics data for his new website.

How to Use Yoast to Configure Your Post for SEO

Zip's added the Yoast SEO plugin to his blog. Let's look at how he can optimize a post (or page) for search engine optimization using the Yoast plugin as well as some things to keep in mind when using this helpful plugin.

Sloth Installs an SEO Plugin (Why You Should Use an SEO Plugin and How to Configure Yoast SEO)

Zip has completed basic design work on his blog. Next, he's going to move on to Search Engine Optimization. In this post, we briefly look at some of the plugins available to help with SEO, and install and configure the Yoast SEO plugin.

Keep Up on Our Latest Tips

Subscribe to our email newsletter, and you'll receive a weekly digest of new posts, and occasional newsletters or special offers. You can change your preferences or unsubscribe at any time you'd like.

Psst! Hey you! Yeah, you. Want to leave a comment?x