The network has become an indispensable part of our lives, we often shop online, online registration information. Therefore, information security has become a very important part we must seriously.
HTTP (Hypertext Transfer Protocol) is based on a request and response model, often based on TCP connections, the vast majority of web applications are built on top of the HTTP protocol.
HTTPS (Secure Hypertext Transfer Protocol) is a secure communication channel based on the development of HTTP, for communication between clients and servers to exchange information. It uses Secure Sockets Layer (SSL) to exchange information, it is secure version of HTTP.
What is SSL?
SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client. We used SSL protocol when a web browser needs to securely connect to a web server.
What is an SSL Certificate?
If you want to enable SSL on your website, you will need to get an SSL Certificate that identifies you and install it on the server. SSL will establish encrypted channels of communication to ensure data transmission confidentiality. The encrypted channel, refers to the sender sends data using an encryption algorithm and encryption key.
How to get SSL Certificate for my website?
Now many domain providers are offering SSL Certificate services. However you will see dozens of different SSL certificates with a wide range of prices for each. We searched the price of GoDaddy SSL is not cheap.
But fortunately,we can now get free SSL Let’s Encrypt. Let’s Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG). Its goal with Let’s Encrypt is to get the Web to 100% HTTPS. Let’s Encrypt has issued more than 5 million certificates in total since it launched to the general public on December 3, 2015.
How to install Let’s Encrypt?
Let’s Encrypt automates away the pain and lets site operators turn on and manage HTTPS with simple commands. Let’s Encrypt recommend that the certbot client. It’s easy to use, works on many operating systems, and has great documentation. Simply click the word certbot to get started.
Choose your webserver and OS then it shows the automated install commands, we use Apache and Ubuntu 14.04 for example.
How to install Let’s Encrypt on my WordPress?
Some WordPress hosting providers offer free Let’s Encrypt installation, such as siteground. Now login into your cPanel. Once inside, you need to move to the security section and then click on the Let’s Encrypt Icon.
Click Let’s Encrypt for your WordPress site.
After installation is completed, you need to update your site from HTTP to HTTPS.
Updating WordPress to HTTPS
Once your SSL certificate is installed; you need modify your domain from http://yourdomain.com to https://yourdomain.com. Go to the dashboard of WordPress to set the WordPress Address(URL) and Site Address(URL) to new HTTPS URL. (setting->General to update)
After setting the HTTPS address, then you need to setup WordPress SSL redirect from HTTP to HTTPS. Force your entire website to go through https, you can add these rules to your .htaccess file:
The biggest obstacle to the deployment of HTTPS is required for the certificate. For many people are concerned to obtain and deploy a server certificate is a very complicated matter, and the cost is not low. The goal of Let’s Encrypt is to solve these problems, it will design and deploy a collaborative, free and open system that allows any person can deploy encryption certificate through a simple click.
Let’s Encrypt offers free SSL certificate, whether it is for webmasters, Internet users, or the entire Web Internet are very favorable, it contributes to the safety of the entire Internet.