How to Protect Your WordPress Blog Using HTTPS SSL

Protect Your WordPress Blog using HTTPS / SSL Certificate.

While the Internet has brought a lot of impressive things, our lives do not always follow a portion of confidentiality. Online sharing of information sometimes tends to be normal.

Credit card number, bank account information, not to mention a few dozen, you may have recorded today is the site of the connection information.

If your WordPress site handles sensitive information, you must make sure that your visitors and customers can trust you. And there are several ways to do this.

What are HTTPS and SSL?

You may have heard of these before your acronym. Otherwise, the chances are you’ve seen them at work.

You may have noticed that every time there is a secure site interaction (such as your bank portal), the address in the browser bar has https: // starting relative to the usual place http://.

HTTPS on behalf of hypertext transfer protocol secure. It differs in that it uses HTTP authenticated SSL connection (secure socket connection between the browser and server layer) established.

If hacker management and information exchange interference, encryption will not make him easy (but not all).

Encryption standard:

SSL and HTTPS with a variety of encryption standards. The oldest is called Shao and no longer used. His successor SHA1 circulates the rest of the time and has now been eliminated. Chrome browser, for example, will begin issuing a site warning that this standard will run in early 2016 this year.

The current encryption standard for SSL is SHA2. However, at some point, it will give way to SHA3 which is currently under development.

Why do SSL and HTTPS?

Learn to add HTTPS and SSL WordPress is absolutely essential if you run an e-commerce website to accept payments. Your client’s financial information cannot be taken lightly.

However, this protocol can also be used to protect other information such as login information, data, and many people want to keep things private addresses.

As a site owner, you can also consider adding HTTPS for selfish reasons, because it has become a ranking factor in Google and other search engines.

How to set WordPress for HTTPS and SSL:

Unfortunately, it is not enough to simply add a certificate. You need to make WordPress other adjustments.

The following steps assume that you want your website, which is usually a good idea to use HTTPS anywhere.

However, there are cases where some of the sites on your site are used. We will come back later.

• Make a backup:

Just like any major changes that involve changing your blog, your first reaction should be to build a backup. So, if there is a problem, you can always return to the previous state. Here are the plugins that can help you with the list

• Add SSL to your WordPress dashboard:

The first thing we have to do is add an HTTPS connection to all pages in the background of WordPress. In this way, when someone logs in on your site, all data will be safely exchanged.

To do this, you must add the following line to your WP-config.php file:

Defined (‘FORCE_SSL_ADMIN’, TRUE);

Once you add the line, save the file and send it to your server, it’s time to run a quick test. Go to your login page （https://yourdomain.com/wp-admin）to see if everything is normal.

If all goes well, you must have a secure connection. However, if you encounter a problem, remove the line WP-config.php file because there are troubleshooting to do.

However, for the time being, we assume that everything is fine and we can move to the next step.

• Put your updates:

If your admin area moves successfully with HTTPS, it’s time to do the rest of the same site. To do this, we must first change your website address.

It’s as simple as going to the site settings> General and add https:// beginning this to your WordPress address (located at your installation) and the site address (i.e. the visitor goes to the browser’s address).

Save, nothing more. You may be asked to log in again later.

To ensure that your visitors can safely surf the web, you must also build a redirect in .htaccess. Most people should already have their own files on the server (make sure your FTP shows hidden files), or you need to create one.

of htaccessAdd the following line of code to this file :

<IfModule mod_rewrite.c>

RewriteEngine On

Of RewriteCond％{HTTPS} turn off

Rewrite rule (*).HTTPS：//％{HTTP_ HOST }％{REQUEST_URI} [R = 2，L]

</ IfModule> Configuration

Now, all visitors should be automatically redirected to the security section of your site.

How to set up some pages on HTTPS:

I recommend using SSL everywhere on your site, although some people may choose not to use certain pages.

The following is an example of the use case: you decide to only achieve secure connections for sensitive parts of your site, such as the store, the form of the basket, and no left SSL safe rest.

This can be done with the WordPress plugin to implement HTTPS (SSL). It allows you to choose where to use HTTPS on your website.

If it is true, the plugin has not been updated for some time, reliable sources claim it is still possible to use it. If you have a problem, I would suggest a better WP security which has similar functionality.