As most of you have heard, Google Chrome made some updates in JULY that notified users of non-https connections on sites. This will affect many sites in Australia and over the world with a possible drop in traffic and ranking in search engines to some extent. Why is having a secure website important now?
Having a WordPress HTTPS site makes your business more trustworthy to visitors, but it will also rank higher in searches. If you re starting a new website or blog it is better to get a webhost that provides you with Free https(ssl) to get started with. Below is a list of some recommended web hosts who provide free SSL.
“Why do I need https for a blog or website?”
- HTTPS protects your website users against Man in the Middle attacks.
- HTTPS shows your audience that your site is secure & trustworthy.
- HTTPS impacts SEO ranking in search engines.
Free SSL with website hosting providers:
- Cloudways
- Digitalpacific
- Dreamhost
- A2 hosting
- Siteground
- Kinsta
- Bluehost
- Hostgator
- Wpengine
Shared hosting and https
Popular budget shared hosting providers now also provide https for one domain for free. You will have to pay for https if you have more than one domain on a shared hosting account.
Most budget hosting companies provide the one free https through the popular “let’s encrypt” free ssl service, however you can also integrate your domain with any other web host that provides SSL security
Cloudways
https://www.cloudways.com/blog/lets-encrypt-free-ssl-on-cloud/
Cloudways is one such Cloud Hosting Platform that gives its customers super fast hosting stack to host their websites with Free https. Their customers can now deploy and safeguard their websites on the cloud with SSL/TLS certificates provided by lets encrypt.
Cloudways prices start at $10 a month
DigitalPacific
https://support.digitalpacific.com.au/en/knowledgebase/article/autossl-in -servers
Digital Pacific offers Free SSL Certificates(https) for all Personal and Business shared hosting customers in partnership with Let’s Encrypt. Secure Socket Layer (SSL) Certificates provide a visual indicator (Usually a green padlock in the address bar) that your website is legitimate and secure. Some browsers (Chrome) may display your website as “Not Secure” if you do not have an SSL Certificate installed. To remove this warning you will need a certificate.
Digital hosting prices start at $6.90 month which is paid annually
Dreamhost
https://www.dreamhost.com/hosting/ssl-tls-certificates/
DreamHost allows you to set up Secure Hosting (which creates a free self-signed SSL certificate) for any domain/subdomain that you are hosting under any active paid hosting plan.
There are three types of SSL certificates you can add to your domain within the DreamHost panel –
- Comodo verified SSL ($15/year)
- Self-signed SSL (FREE)
- Let’s Encrypt SSL (FREE)
One of the most common applications for SSL is in web browsers, especially for ecommerce sites. Secure connections to internet sites will have a URL starting with https, for HyperText Transfer Protocol Secure, rather than the standard http.
A2 Hosting
https://www.a2hosting.com/blog/beginners-guide-https/
In most cases, HTTPS goes hand-in-hand with SSL certificates, which are used to verify a site’s identity. If you have a Shared Hosting account with A2 Hosting, you can use the server’s free shared SSL certificate for securing your site.
A2 hosting prices start at $3.92 monthly
Siteground
https://www.siteground.com/tutorials/cpanel/lets-encrypt/
On SiteGround accounts, you can issue as many free Let’s Encrypt certificates as you need. You can install them via the Let’s Encrypt tool in your cPanel.
SiteGround offers three types of SSL certificates:
- WildCard
- EV SSL
- Let’s Encrypt
WildCard and EV SSL certificates are offered as the paid addition and lets encrypt the free version.
Siteground prices start at $3.95 to $11.95 a month
Kinsta
Kinsta has lets encrypt Free SSL integration for all its wordpress websites whihc can be done from within the mykinsta dashboard. The renewal process for the lets encrypt is fully automated
Kinsta Prices start at $30 a month with Free SSL and CDN
Bluehost
https://my.bluehost.com/hosting/help/free-ssl
Bluehost now offers a free SSL certificate for their users directly from the Bluehost cPanel. Once you’ve turned the SSL on, it can take a few hours to install and activate.
AutoSSL is a cPanel feature that automatically installs and renews Let’s Encrypt SSL certificates for every assigned or parked domain on a Bluehost hosting account. In most cases, the SSL will automatically assign and install itself to your new and existing domains.
In some situations, we may need you to take action to complete the process. If so, you’ll receive an email with instructions. SSL Certificates can be purchased and renewed directly from your cPanel.
Bluehost prices start from $2.95 to $5.95 for shared hosting.
Hostgator
https://support.hostgator.com/articles/ssl-certificates/hostgator-free-ssl
HostGator offers free SSL for free with its shared hosting packages. Enabling (or forcing) the SSL will give your domain an “HTTPS://” prefix, which ensures your website will be labeled as “secure” in most web browsers.
Hostgator Pricing starts from $2.75 a month to $5.95 a month for starter budget webhosting.
Wpengine
https://wpengine.com.au/blog/its-time-to-secure-your-wordpress-site-with-https/
An SSL certificate will add a layer of secure encryption to your website, so any information your users submit on your website is encrypted. WPengine offers Free SSL with their website hosting and there is also a paid option.
Paid option for SSL certification at WP Engine include certificates from RapidSSL, which you will need if you’re covering your root domain and all subdomains with a single certificate. RapidSSL wildcard certificates cost $199 and will cover all subdomains
– SSL check
To determine if you have an SSL certificate installed on your website, visit your domain (for example mycoolwebsite.com) with https:// in front. If you see a green padlock next to the “https://” this means your site is secured by an SSL certificate!
With the Studiopress + WP engine merger, now you get 35 StudioPress Themes + Genesis Framework free with thier word-press hosting plans .
WPengine webhosting is premium managed hosting and prices start at $35 a month for their start up plan
‘
What is HTTPS?
HTTP stands for hypertext transfer protocol and HTTPS stands for hypertext transfer protocol secure.
HTTPS (HTTP Secure) is an encrypted version of the HTTP protocol. It usually uses SSL or TLS to encrypt all communication between a client and a server. This secure connection allows clients to safely exchange sensitive data with a server, for example for banking activities or online shopping. SSL is not a software, but supported by security software protocols.
What is SSL?
SSL stands for secure sockets layer
[SSL] is a protocol used by applications to communicate securely across a network, preventing tampering with and eavesdropping on email, web browsing, messaging, and other protocols.
‘
Who is “Let’s Encrypt” Certificate?
Let’s Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG)
Free SSL providers (not web hosts) :
- Lets encrypt – https://letsencrypt.org/
- Free SSL – https://www.sslforfree.com/
- CloudFlare – https://www.cloudflare.com/
Https (or Free SSL) in wordpress
Most Hosting providers today install SSL or your https on your website themselves once you request the free ssl from them.
If you are doing it manually the step by step procedure will go something like this
- Buy a certificate.
- Activate the certificate.
- Install the certificate.
- Update your site to use HTTPS
To properly configure HTTPS in wordpress, to work with your SSL certificate, you will need to make some changes in some cases if you are doing this manually yourself.
You could use a Wp plugin that does everything for you. It’s called Really Simple SSL, and it does the job. All you need to do is install the plugin and then tick mark the right settings. There are plenty of tutorials online.
Https for ecommerce (online store)
https://www.shopify.com.au/blog/73511365-all-shopify-stores-now-use-ssl-encryption-everywhere
Even more than blogs or websites, https(ssl) is required for online shops or ecommerce websites, because they have a lot of financial transactions and security is important.
Popular online shop providers provide secure websites and payment gateways and facilitate even more security if needed.
They are different levels of ssl that you can upgrade to yourself as well once you purchase a domain name.
If you want to make it easy for yourself with creating an online shop, i would just go with Shopify who includes an Free SSL certificate that uses industry standard 256-bit encryption technology. This is the same level of encryption used by large banks to keep your information secure.
Check out their online store creation plans + free ssl over here
Google Domains Recommended Security Providers
Google lists the below providers as their partner web hosts, when it comes to security. These web host partners can provide security at a variety of prices, starting from no additional cost.
- Bluehost (WordPress)
- Shopify ( Ecommerce)
- Squarespace
- Weebly
- Wix
Run an SSL Check
After you install an SSL certificate on your web server, you should always run an SSL check to verify that everything is set up correctly.
Head on over to the Qualys SSL Check tool. Enter your domain in the box and click Submit. A check will be run to check if you SSL install is all good on your website.