Installing an SSL certificate on your domain is an essential step you should take to secure your WordPress site and now with Let’s Encrypt you can get one for free.
AnSSL certificate encrypts the connection between your site and your visitors’ browser so hackers can’t intercept and steal personal information. Normally, SSL certificates can be cumbersome to install and can get expensive, but this is changing fast.
Let’s Encrypt is a new open source certificate authority that’s backed by top companies, including Automattic, the folks behind WordPress, as well as Facebook, Mozilla, Chrome, Cisco and Sucuri. The project aims is to make installing SSL certificates automated and free for all.
Let’s Encrypt has an automated installer called Certbot that can help you add a certificate to your site in a few minutes or less. Certbot is currently in public beta and you can expect many changes in the official release, but the current version is stable enough for you to try on production sites.
What is Let’s Encrypt, Certbot and SSL?
SSL (Secure Socket Layer) certificates were first created in 1996 to encrypt the connection between a website and its end user so that the data that’s transferred back and forth is secure. Encrypting data means scrambling human readable text with strings of letters and numbers that can only be deciphered with what’s called a secret key.
Encrypting data means scrambling human readable text with strings of letters and numbers that can only be deciphered with what’s called a secret key. As long as the secret key remains hidden, encrypted data can’t be understood by anyone which makes it the most secure way to safeguard information over the internet.
You can tell when a site has an SSL certificate installed when you see a green padlock displayed in your browser’s address bar along with a
https prefix to the URL of the visited site, rather than the standard
SSL certificates are installed on domains and one certificate should be installed per domain.
The site that’s attached to the domain gets secured with encryption when the SSL certificate is active. No matter what browser or device your visitors use to access your site, as long as they enter your site’s URL with
https at the beginning, their connection is encrypted and secure.
Using an SSL certificate for your WordPress site means that your data, as well as your users’ data, remains safe from prying eyes. Since WordPress is a particularly large target for hackers due to its popularity and transparency, it’s important to take all the appropriate steps toward securing your site.
While WordPress itself is secure if you have the latest version installed , the more obstacles you can place in a hacker’s way to make their attacks more difficult, the less of a chance there is that your site will be compromised. One of the ways you can add an extra layer of protection to your site is by installing an SSL certificate.
Any site that exchanges information with a visitor whether it’s an eCommerce site or accepts user logins needs an SSL certificate. Since all WordPress sites require at least one user to log in, it’s recommended that all WordPress sites have an SSL certificate.
For more details on SSL certificates and how they can help secure your site, check out How to Use SSL and HTTPS with WordPress .