If you’re looking to secure your WordPress site, there are two ways to do it: You can install an SSL certificate on your server or host. If you already have a hosting plan and want to generate an SSL certificate for WordPress, the process is very similar in both cases. In this tutorial I’ll explain how it works and walk through the steps needed for both methods.
Before you generate an SSL certificate for your WordPress site, make sure your site is hosted on a plan that supports HTTPS.
To check whether or not it does, log into your cPanel and click on the Security tab. If there are any boxes labeled “HTTPS,” then you can proceed with generating your certificate by following the steps below.
If there aren’t any boxes labeled “HTTPS” or if they’re grayed out (meaning that no certificate exists), then try using another browser to see if it works properly — and make sure that the site is running through HTTPS anyway!
You’ll need a text editor to open the .htaccess file, such as Notepad++ or TextWrangler.
To get started, you’ll need a text editor to open the .htaccess file. You can use any of these options:
- Notepad++
- TextWrangler (Mac)
- Sublime Text (Windows)
If you have another program, then feel free to use it instead!
Next, navigate to the directory where you installed WordPress.
For example, if you installed it in your root directory (such as c:\public_html), navigate to “public_html.” If you installed it in a subdirectory (for example, c:\wordpress), then use that same path to access your site.
Within this directory, find the “wp-config.php” file.
You should be able to see the wp-config.php file in your WordPress installation directory. If you don’t, look for it in this folder:
/var/www/html/wordpress/.htaccess
You will need to open up this file in a text editor and make sure that it has the right permissions (chmod 777). You also need to make sure that you have the right version of WordPress installed on your server before generating an SSL certificate; if not, there’s nothing wrong with trying again until it works!
Open this file with your text editor and add the following lines of code at the top of the file just below where it says “That’s all, stop editing! Happy blogging”:
- Open this file with your text editor and add the following lines of code at the top of the file just below where it says “That’s all, stop editing! Happy blogging”:
- Save and close the file 3. Open your browser to test 4
Once you save and close the wp-config.php file, refresh your WordPress Dashboard in a browser and log back in if necessary.
- Log in to your WordPress Dashboard
- Make sure you’re logged in as an administrator, then refresh the dashboard by clicking on the icons at the top of your screen (1 and 2) or by clicking on “Home” from within any post or page area of your blog (3).
Now it’s time to create an .htaccess file using your preferred text editor.
Now it’s time to create an .htaccess file using your preferred text editor.
An .htaccess file is a text file that contains special directives for Apache. These directives allow you to control how your website functions and what information is sent back and forth between the client and server. If you don’t know how to use one, then let me fill in the blanks:
- General configuration settings – Everything from changing URLs and security headers can be done here!
- AllowOverride (SO) – This allows you to specify which rules should be enforced on all requests from clients who are accessing secure pages/sites of yours. You’ll see this option below when we’re creating our own SO rule later on!
Copy and paste (or type out) the following into your new .htaccess file:
- Open a text editor (like Notepad++) and navigate to the folder where your WordPress installation is located.
- Copy the following lines of code into your new .htaccess file:
3a) RewriteEngine On
3b) RewriteRule ^(.*)/$ https://www.example.com/index\.php?blog/ [R=301,L]
Save and close this document, then upload it to your WordPress root directory via FTP or File Manager in cPanel (whichever you prefer).
Now that you’ve completed the steps in this guide, your website is now secured with an SSL certificate.
If you’re using FTP or File Manager and want to upload your certificate to the root directory of your WordPress installation, make sure that when it’s time to save the file:
- Click on “Save” (or CTRL+S). This will create an .htaccess file at the root of your site. If this doesn’t happen automatically, go ahead and click this button manually as well!
- Once saved, close all open windows except for File Explorer (which should still be running). Then right-click anywhere on one of those windows’ title bar (it’ll have something like “The Document Window” or “Folder Options”) and choose “Properties” from its context menu options. In Properties window click Security tab then click Edit button next to Local Level Security section where we just created this new rule earlier above!
You can easily add an SSL certificate to WordPress with a few simple tweaks to certain files.
If you’re looking to add an SSL certificate to your WordPress site, there are some important things to keep in mind. First, make sure that the host of your website supports HTTPS. This can be done with a quick check on their website or by contacting them directly and asking them if they support it. Next, download the .htaccess file from [HTTPS] (https://www.google.com/webmasters/tools/) and save it as htaccess_test_ssl_certificate_instructions-sample.txt so we can edit it later on in this guide without having access to a real certificate authority’s file format or web server configuration settings (e.g., specifying port numbers).
Once these steps have been completed successfully and without errors being raised during installation:
Conclusion
These steps will help you generate an SSL certificate for your WordPress site. Once you’ve followed these steps and completed the process of setting up your certificate, you can be sure that all of your visitors will be able to reach your site securely via https://.
