How to protect your WordPress site with SSL (step by step)

What is SSL and why is it important?

SSL (Secure Sockets Layer) is a technology that helps encrypt data between your website and visitors to protect important information such as personal details, passwords, and payment information from being stolen or intercepted.

Installing SSL not only helps secure data but also increases user trust by displaying a padlock icon (HTTPS) in the browser's address bar. Additionally, Google prioritizes websites that use SSL, which can help your website rank higher in search results.

In this article, we will show you how to easily install and configure SSL on WordPress.

Step 1: How to Obtain an SSL Certificate

You can obtain an SSL Certificate in two main ways:

• Buy SSL from a provider – such as GoDaddy or Cloudflare, which costs about $50-200 per year.
• Use free SSL from Let’s Encrypt – a non-profit organization that provides free SSL.

Additionally, many hosting providers, such as Bluehost and Hostinger, often include free SSL in their hosting packages, which helps reduce the installation steps.

Step 2: Installing SSL on your website

If you are using hosting with free SSL, you can enable it from cPanel by going to the "SSL/TLS" section and following the provider's instructions.

If you installed SSL yourself, make sure you have installed the SSL certificate on the server. Then follow these steps to enable HTTPS on WordPress.

Step 3: Redirecting HTTP to HTTPS in WordPress

After installing SSL, you need to enforce HTTPS on your website by following these steps:

• Install and activate the "Easy HTTPS Redirection" plugin.
• Go to Settings » HTTPS Redirection from the WordPress control panel.
• Check the box  เปิดใช้งานการเปลี่ยนเส้นทางอัตโนมัติไปยัง HTTPS
• Select Whole domain to enforce HTTPS across the entire website, or select A few pages to use it only on specific pages.
• Check the box "Force resources to use HTTPS URL" to ensure that media files, such as images and videos, use HTTPS.
• Press Save Changes to save the settings.

When the process is complete, try accessing your website and check if a padlock icon appears in the browser's address bar.

Common solutions for SSL issues

1. Error "NET::ERR_CERT_INVALID"

If Google Chrome indicates that your SSL certificate is invalid, it may be because:

• Certificate expired – Contact the service provider to update
• Installation error – Check that your settings are correct.

2. Error "Too Many Redirects"

This issue is caused by redundant HTTPS redirection settings.  You can fix it by adding this code to the wp-config.php file:

define('FORCE_SSL_ADMIN', true);

si (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)

$_SERVER['HTTPS']='on';

Using SSL is an easy and important way to protect your WordPress website from cyber threats. It also helps increase your credibility and improve your SEO ranking.

We hope this article helps you install SSL and use HTTPS on your website smoothly. If you need more information, feel free to check out our full SSL setup guide on WordPress.