SSL & HTTPS (And How To Get It)

An SSL certificate is needed for every site. SSL and HTTPS protect your site from people that want to intercept data and it shows a lock icon (Hiding the insecure message from users) on visitors browsers.

What is SSL and HTTPS?

An SSL certificate allows the information that is sent to and from your site to be encrypted, and therefore secure. HTTPS is the secure version of HTTP. When you do not have an SSL certificate on your website (Making it not secure), the HTTP protocol is used to transpire information and files between the client's computer and your server. Once you add an SSL certificate to your website, the HTTPS protocol is used. The HTTPS protocol makes sure that everything is encoded, in a way that only the visitor's computer and your server can read. Everyone else (Including hackers) will only see a jumbled mess of characters.

How do you get an SSL Certificate?

SSL certificates are fairly easy to obtain. First, check with your web hosting provider, as they may provide you with a free certificate. Otherwise, Let's Encrypt and GoGetSSL provide free certificates.

Advertisement

How do you install an SSL Certificate?

Most hosting providers will have a control panel that you can use. Within this Control Panel, there should be an option to install the certificate. The instructions are different for each hosting provider, so we cannot provide too many details here.

How do you test an SSL certificate?

Testing is easy! Just add “https://” before your domain name to use the HTTPS portal that was introduced above! For example, type “https://tinkertechlab.com” to load your newly secure website. If you get an error, don’t worry. Just make sure that you installed the certificate correctly, and ask your SSL provider for help if you are still stuck.

How to force SSL?

Sometimes your website will just want to load over HTTP. This can confuse people because it can seem like they have two different websites. One begins with HTTP, and the other begins with HTTPS. The truth is that there is still only one site, the only difference is the way that the information is shipped from the server to your browser. To force your website to use HTTPS all the time, you will need to use .htaccess. Our beginners guide to .htaccess can be found here, and additional info on forcing HTTPS with .htaccess can be found here. (Note: To force HTTPS, please click here. If you don’t know how .htaccess works, learn about that first. .htaccess as the ability to mess up your site if you use it incorrectly). If you already know what htaccess is, the required code is below.

Force HTTPS (.htaccess)


# Require HTTPS - Remember that the "RewriteEngine on" line should only be included once. RewriteEngine on RewriteCond %{HTTP:X-Forwarded-Proto} =http RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Conclusion

Having an SSL certificate, so you can get HTTPS on your site is a very important task. SSL certificates can help boost SEO, and help visitors gain trust in your site. Best of luck!

Advertisement

Article by Tinkerman