Make WordPress More secure with Forcing https
Data security has become a big issue as the Internet has evolved. In the past year or so Google has been making a push for all websites (not just WordPress) to transition to https. In 2017 web browsers started showing not secure warnings in the address bar if you had a web form on the page. As of July 2018, any website that loads in Chrome browser that does not have a secure certificate will show “Not Secure”. If you’ve ignored this up to this point, now is the time to do something about it.
What is HTTPS?
HTTP (hyper text transfer protocol) is the protocol used for communication of data over the Internet. HTTPS allows for secure transfer of data.
Other terms related to transferring data securely on the Internet:
- Secure certificate
- Security certificate
- Secure Sockets Layer
Why update your WordPress site to https?
- Ethically you should be protecting users data submitted on your website.
- Website errors and warnings look unprofessional.
- It will give you (minor) improvement with SEO.
- It is standard to protect data privacy.
Redirect http to https for WordPress
Just buying a secure certificate does not make your website redirect to https://
The steps to redirect http to https are similar for any website, not just WordPress.
You need to acquire and install a secure certificate. I say “acquire” rather than purchase because depending on your website needs, and what your web host offers, you may be able to get a free secure certificate.
Once a secure certificate is installed on your hosting account, this does not mean that your site is secure.
You need to configure your website to force it to only load on https
You need to review all pages on your website to make sure there are not any non secure references to image, third party scripts… If anything on the page is loading from a not secure connection, then the entire pages is not secure.
You need to update your Google Search Console so the https version of your website is the primary version.
Comments are closed.