Google is cracking down on “not secure” websites. In this guide you can learn how to set up a free SSL certificate and remove the “not secure” SSL warning from your website. Let’s dive in.
What is an SSL?
An SSL is a security layer that sits between your website and your visitor’s web browser and encrypts the data sent between those two things. This is important because it encrypts and secures any sensitive data such as logins or credit card details that your website visitors enter into your website. Encrypting this type of data protects your user’s privacy and stops malicious third parties from stealing that information.
Keeping highly sensitive personal information safe from prying eyes is so highly important that Google has started warning people when an SSL is not active on a website by adding a “Not Secure” label to the page like this:
In this post we will give you some step by step instructions on how to apply a free SSL Certificate to your website, if you feel this guide is too technical then we recommend you speak to a WordPress developer. A developer of your choice can install an SSL normally just for the cost of their time (1-2 hours).
Step 1: Create a free Cloudflare account and add your domain
Head over to Cloudflare.com and create a free account and follow their prompts to add your domain. Cloudflare will generate an SSL certificate for you after you switch over to use their service, this can take up to 24-48 hours.
Step 2: Install a plugin called “Really Simple SSL” via your WordPress admin area
Login to your WordPress website and install a plugin called Really Simple SSL. This plugin will force your website to use the secure version of everything and fix a lot of the warnings that can happen after converting your website over to use an SSL
Step 3: Run a search and replace over your database
Install a plugin such as Better Search Replace to change the references in your database from “http://yourwebsite.com” to “https://yourwebsite.com” (the only difference is the “s” in “https”).
Step 4: Review your theme code for hand coded references to insecure URLs
Head on over to your website hosting account and review your theme, scripts and stylesheets for any insecure references since those will be flagged as insecure even if you have an SSL certificate installed.
Step 5: Let Google Search Console know about the change
Once you have completed the change and your website is looking secure you can head over to Google Search Console and login or create an account to let Google know that your website is now using an SSL. Google treats SSL and non-SSL as different websites, which is why you have to let them know about it.
Need help with your SSL setup?
That is all you need to do to set up a free SSL certificate. However I know this is a fairly technical post. But don’t sweat it – you are not alone. At WP Runner we can install a SSL Certificate for any of our customers once they subscribe to our $99 unlimited website maintenance plan.
Get an SSL certificate installed (and more) for just $99
We hope this helps demystify what is required to set up an SSL. If you have any more questions don’t hesitate to let us know in the comments below!