Activating a Free SSL Certificate for WordPress

Making your WordPress website secure and trustworthy is important. One way to do this is by getting a free SSL certificate. An SSL certificate is a security tool for websites. It creates a safe link between the website and the visitor's browser, making sure any information shared is kept private. This helps protect personal information like passwords and credit card numbers. Websites with SSL certificates can be recognized by the "https" in their web address and a padlock symbol in the browser bar, showing the site is secure and trustworthy.

This guide will show you how to set it up step by step. By following our instructions, you'll be able to activate your SSL certificate quickly and easily. With a secure SSL connection, your website will be safer for your users and more trustworthy for search engines.

• Why Do I Need an SSL Certificate
• How Do I Use the Free Shared SSL Certificate
• Enabling the Free SSL Certificate
  • Force HTTPS On All Pages In .htaccess File
  • Upgrading from Free SSL to Paid SSL
• Disabling the Free SSL Certificate

Why Do I Need an SSL Certificate

There are different reasons why you need to install an SSL Certificate for your website. Such as:

• Security: It encrypts the data exchanged between your website and your visitors, protecting it from being intercepted by hackers. This is crucial for any website that handles sensitive information, such as credit card details, login credentials, or personal data.
• Trust: Websites with SSL certificates display a padlock icon in the address bar, signaling to visitors that their connection is secure. This builds trust and credibility with your audience, showing that you value their privacy and security.
• SEO Ranking: Google and other search engines prefer websites that are secure. Having an SSL certificate can help improve your website’s search engine ranking, making it more visible to potential visitors.
• Compliance: Certain regulations and standards, like the Payment Card Industry Data Security Standard (PCI DSS), require websites that process credit card information to have an SSL certificate as part of their compliance measures.
• Preventing "Not Secure" Warnings: Modern browsers alert users if they're visiting a non-HTTPS website, often displaying a "Not Secure" warning. This can deter visitors from staying on your site. An SSL certificate ensures your website is accessed via HTTPS, preventing these warnings.

How Do I Use the Free Shared SSL Certificate

Bluehost offers free SSL certificates for all domain names that are assigned or parked in your account. For the most part, the SSL will install and assign itself to all of your domains — new and old — but certain users might need to manually enable the certificate.

Enabling the Free SSL Certificate

To activate your Free SSL certificate, connect your website to your Bluehost account. If it's already linked, redirect visitors from HTTP to HTTPS (see next step). For domains managed elsewhere, create an A record in your provider's DNS and link the domain to Bluehost to enable the Free SSL.

1. Log in to your Bluehost Account Manager.
2. Click Websites on the left side of the navigation menu.
   
3. On the website management page, navigate through the website you need to manage and click the SETTINGS button.
   
4. Click on the Security tab.
   
   • If the SSL is configured correctly, its status will display as Active.
   • If it shows In Progress, you should have received an email with instructions on how to activate your SSL.
5. Click the three vertical dots icon and select View SSL Logs.
   
6. You will be taken to your cPanel. Choose your domain name and click the Run AutoSSL button.
   
7. Once successful, it will show you the green padlock icon with "AutoSSL Domain Validated" status.
   

Force HTTPS On All Pages In .htaccess File

The Free SSL does not automatically enforce HTTPS on your domain or subdomain; it must be activated manually. This can be done by updating the .htaccess file to apply HTTPS across all pages. The steps for enabling Free SSL may differ based on how your website was created. To learn more about it, check out our article How To Force HTTPS On All Pages In .htaccess File.

Upgrading from Free SSL to Paid SSL

For business owners, switching from a free SSL to a paid SSL might be your top choice to boost website security. Paid SSL certificates frequently include warranty coverage and support for multiple domains or subdomains, making them ideal for e-commerce or websites handling sensitive data compared to free SSL certificates, which have some limitations in that case.Upgrades are straightforward and can be completed through your Account Manager.

Disabling the Free SSL Certificate

1. Log in to your Account Login Links.
2. Click Websites on the left side of the navigation menu and select your website.
   
3. On the website management page, click the SETTINGS button.
   
4. Navigate through the menu and click on Security. On SSL certificates, from the right corner, click on the 3 vertical dots and select View SSL logs.
   
5. Click on the checkbox next to the domain name for which you need to uninstall the SSL certificate. Then, select Exclude Domains from AutoSSL and click View Certificate.
   
6. Lastly, locate the domain for which you do not want an SSL certificate and click on the Uninstall option.

Summary

To activate a free SSL certificate on your WordPress site, simply log into your hosting account, go to the Security tab, and check if the SSL is active. If not, follow the provided steps or instructions in an email to activate it. This makes your site more secure for visitors. To remove the SSL, just log in, go to Security under Hosting, and uninstall the SSL for the desired domain. This helps keep your site trusted and safe.