Loading ...
SSL and Your WordPress Site

SSL and Your WordPress Site

Many people think securing a website with SSL (SSL encryption) is necessary only if they’re selling products or services via their website and collecting credit card or payment information. What many website owners do not realize is that SSL encryption has other very important benefits for small business owners.

To understand the benefits of having an SSL certificate installed for your website, it helps to understand what SSL is and actually does.

What exactly is SSL encryption?

SSL, which stands for Secure Sockets Layer, is an encryption technology that creates a secure connection between your website’s server and your website visitor’s web browser. This allows for information to be protected during transmission between the two.

Without SSL encryption any computer could intercept the transmission from your browser to the server.

This includes the transmission of credit card numbers, usernames and passwords, and other sensitive information.

When your site is secured you’ll see that little green lock in the left corner of your browser’s location bar, followed by the website URL beginning with HTTPS. Data that is sent using HTTPS provides three key layers of protection:

Authentication: Confirms visitors are on the right website, yours, and builds trust.

Data integrity: Customer data cannot be corrupted or modified.

Encryption: Visitor activity cannot be intercepted while browsing your website.

What are my next steps, once I get a SSL certificate for my WordPress site?

Something I see on a daily basis is developers, hosters, SEO, etc forget one major piece after they apply the SSL certificate to a site.

They forget to change the links.  See WordPress stores every link, whether it’s a URL to another page, and image on a page, or a javascript theme file; and it does not change them just because you decide you want everything to be HTTPS.

After applying the SSL certificate, you will need to find and replace every last reference to your site containing a http://, and change them to https://

On top of this, if you link in anything from a 3rd party, like a RSS feed, or *gasp*, and iframe from Google, you will also need to update those links, otherwise their content will not show for you… or will display but will show your site as being non-secure for displaying mixed content.