Wordpress Security Part 1 - SSL Certificates
What is SSL?
SSL stands for Secure Socket Layers and it provides a method of encryption and an authentication protocol through security certificates. It not only protects your data from unauthorised access, but that of your site visitors. A secured website will use the https protocol in the URL with a locked padlock in all browsers.
If you click on the padlock your browser of choice should provide you with information regarding the certificate. In my case, here is what Google Chrome says about my SSL certificate on my personal blog:
You not only want such a certificate, you NEED one. Google, scores websites with SSL certificates much higher than those without.
How do I get an SSL certificate?
While there are paid solutions offering liability protection in the event of a data breach, Let's Encrypt offer a totally free solution. Many hosting services provide support for installing SSL certificates from Let's Encrypt via their cPanel or domain manager of choice. Here is the page for my hosting provider, Dreamhost.
If your hosting provider does not fully support Let's Encrypt, there are ways of adding the SSL certificate via shell access, but that is beyond the scope of this post.
I have my certificate, now what?
As with most things Wordpress, plugins come to the rescue. While there are several, I use One Click SSL - available in the plugin repository. It has over 10,0000 downloads and an average score of 4.5 stars out of 5.
Once downloaded to your Wordpress installation and activated, you will be provided with a One Click SSL tab in the admin menu in the left hand column. Click on that to open the simple setup page.
As the instructions state, follow the two steps to enable SSL on your Wordpress site. Once enabled you will then have the following page open up under One Click SSL.
As you can see, the plugin correctly identifies my Let's Encrypt certificate and tells me it's valid and the expiry date.
It expires? Do I have to keep doing this?
Let's Encrypt certificates are valid for a period of three months. You need not worry though, as they automatically renew 30 days before expiration. Once a new certificate is issued One Click SSL updates its details for you in your Wordpress back-end.
As part of my hosting services via Steemblogs.club - announced yesterday - I will add Let's Encrypt certificates to all new domains, ready for the user to enable on their new Wordpress blogs.
Posted from my blog with SteemPress : https://www.muxxy.co.uk/wordpress-security-part-1-ssl-certificates/
Leave Wordpress Security Part 1 - SSL Certificates to:
Read more #security posts
Best Posts From GMuxx
We have not curated any of gmuxx's posts yet. But you can encourage our curation team to review posts by visiting them regularly and by referring other readers. Because we give priority to frequently read content.
More Posts From GMuxx
- PUMPKIN
- Dipping A Toe Back In
- Thar Be Dragons!
- Speed Up Your WordPress Site Part 2
- Speed Up Your Wordpress Site Part 1
- Wordpress Security Part 2 - Hide Your Login and Admin Pages
- Wordpress Security Part 1 - SSL Certificates
- Announcing Steemblogs.club
- We Have A Winner!
- Contest! 12 Months Wordpress Hosting and More!
- Getting to Grips with Gutenberg
- Transfer Local Wordpress site to Host and Back Again
- Install Wordpress Locally On Your System
- Been and Gone and Come Back Again
- Sunday Emergency
- High Kill Book Cover Design in 3D
- Steemfest Day 2 - MS Strikes!
- Witness no More
- Hello Krakow
- And So It Begins...Steemfest Bound