An Introduction To The Process of Adding SSL And HTTPS on Your WordPress Site


Website security has become a grave issue for millions of website owners. With the growing number of businesses moving their products online, ensuring that their website is secure against hacking attacks is critical. Even though WordPress boasts an incredible set of features and other technical finesse, the hacking geniuses are always out there to discover security lapses and thus cripple the legitimacy of your site.

One of the dependable ways to concrete the security of your WordPress site is by utilizing a valid SSL and HTTPS certificate. This will allow users of your site to exchange information using a secure, encrypted data protocols.

In this post, I am going to explain you about the basics of SSL and HTTPS security certificates. I will also talk about the installation process of these certificates in your WP site.

What is HTTPS and SSL?

These days a lot of personal information is shared or exchanged on the web, especially while making purchases when you are asked to provide financial information such as credit/debit card details, etc. To ensure the sanctity of the data being transferred, it is crucial to purchase an SSL (Secure Socket Layer) to make it incomprehensible for the malicious attackers to penetrate your website and destroy anything that’s confidential.

SSL (security socket layer) – It’s a security technology that allows you establish an encrypted connection between a server and the web browser. The layers makes sure that all the information transferred passed between the browser and the server remain secure against any kind of security eavesdropping.

HTTPS- It’s basically a secure URL scheme with an identical syntax as per the standard HTTP scheme. You can ask your visitors to use HTTPS when logging in or doing any task within your website.

For the identification purpose each site is given its own unique SSL certificate. There shouldn’t be any mismatching between the site server and its HTTPS certificate, if any mismatch is detected, the browser immediately warns the user before using the website. This way a trusted connection can be established between the visitor and the website.

Why One Must Care About Purchasing SSL and HTTPS Certificate?

An SSL certificate is essential for any eCommerce site as there is an increased tendency of information sharing exists in these websites. In fact, there are so many reputed payment service providers such as PayPal, Stripe,, etc, require you to make use of security related certificates to ensure a safe online shopping experience.

Google has also announced that opting for HTTPS and SSL certificate can help you take your website at the top of search engine ranking. This implies that sites with SSL certificate are more SEO friendly as compared to the ones which are not.

The encryption within HTTPS provides several benefits like confidentiality, integrity, and security of the information such as addresses, credit card numbers, phone numbers being transferred. It’s a secured version of HTTP and uses Secure Socket Layer (SSL), which allows site users to share information via an encrypted portal.

Setting Up SSL/HTTPS in WordPress

For those who run a WordPress powered website and want to use HTTPS on their website, you need to begin with updating the URL of your website.

For this go to Settings>>General and update your WordPress along with the URL. |

Next, you need to set up an SSL redirect to your current website. For this, add the following code to your .htaccess file.


Make sure you replace the with the actual name of your website. For those who run their site on nginx server, add the following code to redirect from HTTP to HTTPS.

The above mentioned steps will help you reduce the chances of your WordPress site displaying error messages as all your site URL and content is now on SSL.

If you own a WordPress multi-site and want to add SSL and HTTPS certificate on it, then start it by configuring SSL in wp-config-php file by adding a line which reads “That’s all, stop editing!” in the same file.
define('FORCE_SSL_ADMIN', true);
The above mentioned line of code can be set to true to force all logins and admin sessions to be performed over SSL.
Also, if your WordPress site makes use of content delivery network to render it content, make sure that all the URLs are HTTPS, to prevent hackers gaining an unauthorized access to your website.
Wrapping Up
Hopefully, you have enjoyed reading this tutorial and should have now gained a comprehensive knowledge about adding SSL/HTTPS certificate on your WordPress.