Updated: January 2, 2018
Filed Under: WordPress Development, WordPress SEO
It has never been more crucial for you to have an SSL certificate on your website. I have made several videos on the topic to further convince people.
Here is a list of web hosting providers that include free SSL certificates for all websites when using their service.
Not everyone is going to use one of these web hosts, so here is a tutorial on how to add a free SSL certificate to any website regardless of which web host you are using.
How To Install A Free SSL Security Certificate On Your WordPress Website
Welcome back for another video my name is
Adam from WPCrafter.com were I make videos
for non-techies now this is to be a longer
than normal video and working to talk SSL
and that is adding a security certificate
to your website working to talk about what’s
the difference between some of the the paid
certificates and the free certificates and
what Webhost will except I want to try to
explain everything in this video as concisely
as possible now let me first tell you in SSL
certificate has nothing to do with website
security of someone hacking in your website
it has nothing to do that and the reason I
bring bring this up as I did make an SSL video
before some guy was all criticizing me that
I didn’t have an SSL certificate on my website
in and I’m not practicing what I’m preaching
and stuff like that but SSL certificates are
for securing in encrypting information that
goes from your website to someone’s computer
that’s what it’s doing is not preventing someone
from hacking into your website now typically
if you’re going to take any kind of credit
card payments on your website now nothing
about PayPal and someone goes your website
clicks a button and then it takes them over
to PayPal that does not require an SSL certificate
because all the payment information goes back
and forth on PayPal’s website not your website
but if you want to use the PayPal where you’re
actually taking the payment on your website
or if you want to use stripe which is one
of the most popular online payment integrations
for pretty much any e-commerce platform then
you need an SSL certificate on your website
so that information that goes back-and-forth
will be fully encrypted now there’s different
types of security certificates there some
free ones and there some that cost reasonable
amounts of money like 10 or $20 or $50 and
then there’s some that are in the hundreds
of dollars and I just kinda want to explain
in layman’s terms what’s the difference between
all of these so for instance let me just show
you that the easiest way is to show you all
and let me go back if you see on my website
I did add an SSL certificate to my website
Lemme let me step back a minute the reason
why you really want to give some serious consideration
to adding an SSL certificate your website
is because number one it’s a and SCO factor
for Google so basically if you had the same
content on a non-SSL site and and and a website
that did have a certificate Google’s gonna
favor the one that has the security certificate
Google wants everything encrypted so much
so in the year 2017 on the Google Chrome web
browser they are going to have notices when
people go to a website and it’s not running
behind an SSL certificate so this right here
is an image of what that warnings gonna look
like so right now you can see right here is
if someone was on your website and trying
to login it would look normal that’s Outlook
today but come 2017 this big warning sign
this is not secure is going to show and that
might freak some people out in people the
average users not even in the know what the
heck that means they’re going to think that
the whole website is not secure so that would
appear kind of right here this nonsecure message
so that is a another important reason why
you have a lot of web people saying right
now you really want to get onto an SSL certificate
and start encrypting the traffic on your website
so that is that so those are two reasons why
you really gotta give some strong consideration
to implementing it now there are some different
categories of paid certificates so when you’re
looking at a Google search I just did a quick
search for by SSL certificate and I want to
show you the difference between what a six
dollars certificate costs and looks like in
a web browser and what a more expensive and
the hundreds of dollars certificates can look
like and so let me just click on this first
adhere kinda stinks there good paper that
click this is a normal certificate you got
the padlock in the top left and it says in
green HTTPS that your typical basic security
certificate let me show you the difference
between the ones that cost a lot more when
I click on this link you see right here it
doesn’t just have the padlock it says in green
the name of the company that is called an
EV certificate which stands for extended validation
certificate and those of the ones that cost
in the hundreds of dollars so for instance
this website right here sells that EV certificate
for $300 so it’s gonna cost a lot more so
six bucks or even freeing him to talk about
that will give you get to this padlock and
that’s what I have but if you want to spend
more money now if you’re a big e-commerce
website or if you have anything to do in the
banking financial industry you really want
to pay the money and get the EV certificate
to have it say your name there you really
that that’s a must that’s a definite must
but if you’re just the average web user and
you’ve got a website and you don’t want people
to get that morning when they’re using Google
Chrome and visiting your website then a basic
certificate is going to be fine so let me
show you some of the options to get a free
certificate there is a new project that started
I think it might’ve been in 2015 called let’s
encrypt and they are a free certificate issuing
entity so you can essentially get a security
certificate for free now there are a lot of
Webhost that support let’s encrypt and there’s
a lot of Webhost that don’t and I don’t know
why Webhost in 2016 I think was early 2016
it was in all the news and so I wonder if
the Webhost are taking a wait-and-see approach
with them and that’s why they don’t so all
your big name of Webhost do not support let’s
encrypt security certificates including the
Webhost that I use and I recommend which is
InMotion hosting they don’t support it at
all now there’s an alternative if you want
a free security certificate on your website
and I use this extensively and it’s through
a company called cloud of flair they make
it super easy I want all my websites through
cloud of flair they give you a content delivery
network is a free service by the way a free
security certificate and they’d have some
denial of service protection of someone’s
attacking your website they protect you from
that as well and you get all this for free
so in this video I just want to show you how
to get a free certificate with cloud of flair
running on your website and one of the reasons
I wanted to make this video was for people
that I’ve suggested go to InMotion hosting
and then they want a free security certificate
that’s why wanted to make this video that
you just wanted to pay for a security certificate
you’re fine with that by far the easiest way
is just the log into your web hosting and
order it some it might be 50 bucks or 100
bucks and they do everything for you and some
of them require was called the static IP address
all this techie stuff but they’ll handle it
all for you you just pay the price and that’s
an annual fee if you wanted to do something
like that that that’s by far the easiest I
know with InMotion hosting that button right
there you just click on it you pay for it
and you’ll have your certificate in 24 hours
so if you want to do it that way that’s totally
fine or you can go the cloud of flair route
now with cloud flare what you’re going to
do here and sign up for free accounts and
then you’re going and let’s just let us take
a look at it together she come here you’re
gonna click on hoops I didn’t actually want
to see this video you want to just go ahead
and click right here on sign-up in its gonna
take you to this page to get a free cloud
flare account just popping your email and
choose a password agree you’ll get an email
you click on it it just verifies your email
address and then you can login for the first
time in which you want to do is you want to
click on this plus add site right here in
the menu on the top right and the right here
you’re just going to put in your website URL
so if I go to show demo.com which is one of
my websites and then click on begin scan then
what is going to do is it’s going to do some
scanning of something called your DNS records
I know it’s a little technical so it’s gonna
get those records and then it’s been instance
can a request for you to make a change where
your domain names are registered so if you
have your domain name registered it in motion
her name cheap I use name cheap you will have
to make a little change to what’s called your
DNS records are your answer you can make a
change your name server not your DNS records
so it’s doing is little scan and it should
just take a moment and it’s going to give
us some more options that will look at together
I’ve been using cloud flare for probably the
last two years it’s pretty amazing service
what they do and the and also through using
it service will speed up your websites when
people are visiting your website the experience
will be more fluid and more fast okay so stunned
doing it scan you would go ahead and click
on continue set up now right here it’s showing
you some technical things it’s just it’s just
verifying and confirming your DNS records
now this is a little bit too technical for
most people and that’s okay you can just scroll
down to the bottom and then click on continue
its to be right these DNS records okay so
right here you’re going to choose a plan and
you’re just going to go ahead and choose the
free website plan like that and you can see
right here it’s the free SSL go ahead and
click on continue and this is where you need
to change your name servers so right here
it shows me my current name servers which
are with InMotion hosting but I need to change
it
and then type in the word change name server
and you will have instructions for itself
if it’s name cheap that you’re with you can
even contact their support and I’ll tell you
what to click on and how to do it it’s usually
pretty easy in these control panels when you
log in and you look at your domain name don’t
be something there that says said her change
your name servers and that is something that
you’re going to have to do in order to get
it to work you needed to change it to these
two check name servers that it gives you to
change it and what this accomplishes is now
when someone visit your website their first
going to flow through cloud flare and what
cloud flares can do is some of the content
it’s going to serve up off of their servers
which makes your website load a bit quicker
and it’s also been allow them to put that
security certificate in so you can want to
go ahead and do that and when you make this
change it might take a few hours to go into
effect and you’ll come here and be able to
verified some just going to go ahead and click
on continue and see how it’s a status pending
its goodness that say status pending until
it verifies that this changes done in this
change goes into effect and by default you
can see right here it’s going to add a security
certificate but I want to go ahead and click
on full and what you’re going to want to do
is changes from full to flexible and flexible
is going to be the most easy way to get the
security certificate on your website you can
easily click help right here to read what
the differences but just go ahead and choose
on flexible and you don’t have to click save
it’s one of the things I like about cloud
of flair they are good soon as you change
the option it’s going to save that for you
so now it’s just a waiting game you’re probably
going to have to wait 24 hours for the certificate
to be issued and if you make your change to
the name server for that all to go into effect
and what you’re gonna want to do as you gonna
want to test your website by entering a HTTP
as and then the website URL in seeing if it
gives you what’s called a certificate warning
so that’s a warning that says there’s no valid
certificate now if the certificates been issued
it’s not can give you that warning now all
that’s good to be left is you’re going to
have to install a plug-in on your WordPress
based the website and what this plug-ins going
to do is it’s good to do everything word press
needs to make it so whenever someone visits
your website they’re going to get the HT TBS
the secure version of your website so someone
types HT to and then your website URL it’s
gonna redirect them to the secure version
HT to the and that’s what this plug-ins can
to do which is called really simple SSL I
have a full video on the plug and it really
easy all you have to do is go to plug-ins
add new search for really simple SSL install
and activate in a pretty much does everything
for you it couldn’t be any easier and I have
a video on that up with a link to that video
down below also put some links to cloud a
flare for you and I’ll put a link to let’s
encrypt it as well but this is the easiest
way to get an SSL certificate on your website
so in January when Google Chrome’s going to
start throwing up that warning you will not
have that warning for your website visitors
and you’ll also get this SCO boost in this
SCO benefit of having a security certificate
on your website so that’s all there is to
installing a free SSL certificate on your
website now I know this might be a little
more technical or a little more complicated
than some of my other videos if you need help
in this process feel free to leave a comment
down below and I’ll gladly respond to you
and help you in any way if I might’ve left
a little piece here out or there if you’re
running into any trouble I totally want to
help you get an SSL certificate on your website
before you go I have something for you and
before I get into that I wanted to ask you
to do something for me if you could give me
a thumbs up on this video and if you’re not
a subscriber click on the subscribe button
right beneath me if you have a question on
this video be happy to answer it you can also
leave a comment or question down below this
video hey I put together a course and just
for you and I’m in a give it to you for free
all you have to do is click on the button
right here on the right it’s called the three
steps to WordPress success it’s an awesome
course you’re gonna love it I would love for
you to join in and enroll as a student in
this course thanks for watching this video
I really appreciated and I do it just for
you that there’s a lot of Webhost that won’t
support it but I do know they had some security
problems with the certificates to these now
if you don’t know how to do this you can easily
Google it and come up with an answer so you
would google the name of where your domain
names are registered
Hi Adam,
Thanks so much for this video!! Great info. I currently have an SSL certificate on my site from AccuwebHosting and it was set to renew 4/9/19 so I cancelled the renewal and then installed the SSL certificate as you described with cloudflare.
I already had the plugin: SSL Insecure Content Fixer. Do I still need to install the Really Simple SSL plugin? Or, am I good to go with the plugin that i have?
I did contact my host provider to tell them that I had installed the free SSL certificate from CloudFlare.
Anything I need to consider regarding switching from a paid SSL to a the free one?
Appreciate all your advice!!
Thanks,
Pam
That sounds great Pam. The plugin you have should be all you need. I have not used it before though. You may need to change the site URL to https in the settings. You will see it Settings > General
Hey Adam,
Great video! So i’m running WordPress with Godaddy… I followed the video and it worked within an hour on one of my sites, but im in the 24th hour of my main site, that i really need the SSL cert on, and still, “Not Secure”… any ideas?
Thanks,
Mike
It can take 24 – 48 hours.
Hey Adam,
I am Ashish Kumar. Yesterday, I came across your youtube video about Free SSL from Cloudfare. I implemented all the steps you mentioned in the video. Fortunately, I got free SSL in 6 hours. However, I am having issue while logging in my WordPress admin panel. Actually, It doesn’t allow me log in and sometime it redirects back to the same admin panel. What can i do to fix this issue ?
Also, I want to know. How much time it takes google to update my URLs?
Even though you got the SSL certificate in six hours you still need to wait 24 to 48 hours for the changes that you made to your DNS servers to propagate across the Internet.
Hey, I have watched your video last night and i actually did all that the video has said And now, everytime i check/ go to my website studentsnotebook.ml it says “server ip address could not be found “. Pls. Help me! Thanks
I’m trying to add the SSL certificate has shown. When added, all my site is fine, except one page that can’t load. My programmer says it’s because it is a query from another site that has HTTPS and it interferes with MY certificate. If this is so, how can I fix it ? (My programmer says it can’t be done, I’m pretty sure I’m not the only website owner with that issue. Surely there is a solution!) What is your take on it, and maybe to a video to help others 🙂 Thank you
Yes if you have anything embedded in your website that is not loading via https, then that page can’t load over https.
Hello! I would like to get cloudfare ssl for my personal website but I do not know if that is possible. I have a GoDaddy WordPress hosting.
Yes it’s totally possible. Just follow along in the video.
Hello thanks for the video, wanted to ask you signing up and getting free ssl from cloudflare will it affect your host with ur hosting company?? Will you have any issues with your hosting company
No not at all.
Do you recommend any special setup to get Cloudflare to work on an addon domain? On my primary domain it works like a charm, but the addon domain breaks/won’t even load as soon as the Cloudfare nameservers get changed. My Let’s Encrypt cert. expires in 3 days and I’d love to switch to Cloudflare per your recommendations.
If you setup Cloudflare and then later add a subdomain, you will have to manually add an A record in Cloudflare for this subdomain. I know it sounds a bit technical, but it is really easy.
Big question: use the inmotion free SSL or the cloudflare service?
I personally will use Cloudflare because the Cloudflare service has many other benefits.
Very well said, and easy to understand how to add SSL Certificate.
Thanks.
Thanks for showing us how to get a free SSL cert. CloudFlare worked perfectly. But for those adding the Really Simple SSL plugin to a live site, I would recommend waiting for the certificate to be issued from CloudFlare before activating the Really Simple SSL plugin. Otherwise, the plugin will try to search for the secured version, and you’ll get a default InMotion Hosting page. At least that’s what happened to me. Once the certificate was issued though, I regained access to my blog, and all is well again. =)
Adam, I assume I can use CloudFlare on non-Wordpress sites too. So without the Really Simple SSL plugin, will users just see both http: & https: pages, depending on what they type in their browser? Do you foresee any possible issues using CloudFlare on non-Wordpress sites?
Thanks again Adam for the awesome video. =)
Yes, you can easily use it on non-WordPress websites. In fact, I do!
And yes you are correct, I would STRONGLY recommend waiting 2 – 3 days.
Hi Adam, The free SSL from CloudFlare apparently does not allow anyone who is using an older operating system (like XP) view a site at all. The “ERR_SSL_VERSION_OR_CIPHER_MISMATCH” shows up in Chrome browser. Most people I know of refuse to “upgrade” to the newer Windows “garbage” (in my opinion) and some are ditching Chrome rather than their XP’s. Most, however, probably have no idea what to do – and this is a potential huge loss of traffic. I think that there are probably a very large number of users on older systems and I don’t want my site to be unavailable to them. I’ve been searching for a “workaround” for hours and coming up empty. Do you know of any way to make a site “visible” to those using older systems? I found some custom code to put in php to make older versions ignore the SSL…but either the code isn’t good, doesn’t work or I’m doing it all wrong. Can you help? Thank you so much.
I wonder if that is a cloud flare issue or SSL certs in general. Although XP is a very old operating system, what 16 years ago.