No site in this day and age should be without HTTPS. But do you know how to enable it for your WordPress powered web presence? In this article, I explain the importance of HTTPS to security and SEO and demonstrate how easy it is to stand up an HTTTP-enabled WordPress site on a managed host like Kinsta.
The Importance of HTTPS
Web site traffic flows over the Internet using something called the HyperText Transport Protocol, or HTTP. HTTPS is a version of HTTP that uses Secure Sockets Layer (SSL) technology to encrypt all communications between your Web browser and a Web server. A site secured by HTTPS appears in a Web browser with a lock icon next to it, indicating to visitors that any data they send to a site will be securely encrypted.
HTTPS is the foundation of the secure Web. Without it, no one would be able to transmit sensitive data – e-mail addresses, credit cards, social security numbers – without worrying that a hacker could intercept their data and use it for nefarious purposes. The encryption provided by HTTPS makes such theft practically impossible.
It’s not hard to see, then, why HTTPS has become so critical for Web sites. A site that uses standard HTTP with no encryption is the mark of a fly-by-night operation. To put it bluntly, a site not running HTTPS shouldn’t be trusted.
Besides the perception of safety, there’s another solid reason to use HTTPS: Search Engine Optimization (SEO). Google ranks sites that use HTTPS higher than those that just use HTTP.
Easy to Say, Hard to Implement?
That’s all well and good, you might say…but how do you actually do it?
All Web hosts implement HTTP pretty much by default. And, in the past, turning on HTTPS was a difficult (and costly) process. It required obtaining an SSL certificate, a document containing the details of you and your organization. The process was fraught with process and technical hurdles.
Implement HTTPS in Kinsta with a Couple of Clicks
Luckily, things have improved vastly in the past few years. A service called Let’s Encrypt that provides free SSL certificates has become something of a de facto standard. And WordPress hosts like Kinsta make activating HTTPS as easy as clicking a button.
Once you create your first site in Kinsta, you can go to your site’s Tools tab in the Kinsta Dashboard. There you’ll find an SSL certificate section. Click a button and Kinsta will use Let’s Encrypt to create an SSL certificate for you. You can (and should) also click the Force HTTPS button next to it. This will re-route all HTTP requests to HTTPS.
And like that, you’re done! Well…almost. You’ll also want to do a couple of following simple setup tasks:
- In WordPress, under Settings -> General, change your site address so that it’s using HTTPS.
- If you have any hard-coded pointers to HTTP assets in your theme (CSS files, images, etc.), change them to HTTPS. Failing to do so can result in a “mixed content error” on your Web site when customers visit it.
There’s no excuse not to use HTTPS in this day and age. If you haven’t selected a WordPress Web site host yet, make sure you choose one like Kinsta that makes enabling this important site enhancement painless.