Essential Setting in WordPress after Installation of SSL Certificate

Essential Setting after Installation of SSL Certificate on a WordPress website

 WordPress is one of the most popular CMS with over 35% of internet website are build on WordPress CMS at this time of writing this post. There other CMS like Squarespace, Joomla, Drupal etc but use by only fewer sites. WordPress is far ahead as compared to its competitor. Previously WordPress users to create a blog or website But now WordPress core code changed a lot as well as the massive ecosystem of Plugins and theme, you can create any type of website with WordPress.

As WordPress is more popular CMS, therefore, it is the main target for a hacker. As per Sucuri WordPress accounted for 90 per cent of all hacked CMS sites in 2018. WordPress is very secure by default itself most of the security breach occurs due to the use of theme and plugin from unauthorized sources. on WordPress Platform website security hardening means securing a website by reducing its surface of vulnerability. More use of theme and plugin, Showing directory or WordPress version provides a potential entry point to the hacker.

Essential Setting after Installation of SSL Certificate on a WordPress website

Moving to HTTP to HTTPS is have lots of advantages. It helps to gain the trust of your user if you are selling any product. HTTP to HTTPS migration can improve your SEO ranking. As per Google SEO guideline, the website that provides secure connection will get higher ranking in Google Search result. You may have seen that Google Chrome shows HTTP site as Insecure site. Google Declared HTTPS a ranking signal. Google Started to index HTTPS pages first in Search Results.

HTTPS is being used for communication over Hypertext Transfer Protocol (HTTP) with an ‘S’ in the end that stands for ‘Secure.’ An HTTPS connection performs major three roles which is Authentication, Encryption and Data integrity.  HTTPS is very helpful to gain the trust of user, if you are selling anything through your website, HTTPS connection can boost your online sale because a user will trust your website. According to Builtwith, as of February 2018, 49.8% of the top 10,000 websites are using HTTPS. That is up from 5.68% back in September 2015.

Essential Setting after Installation of SSL Certificate on a WordPress website

There are big players in the market from whom you can buy the SSL certificate if you are using a self-hosted WordPress website you may get a free SSL certificate from your web hosting provider. major hosting provider provides free SSL certificate. You may read my previous post to install SSL certificate on your WordPress website without Spending a Single Penny

Essential Setting after Installation of SSL Certificate on a WordPress website-:

Before installing a SSL it is most important to take a complete backup of your WordPress site. once you installed SSL certificate install Really Simple SSL Plugin. this plugin will automatically detect your SSL certificate and set WordPress to use HTTPS. Open the plugin Really Simple SSL in your WordPress dashboard, then navigate to Settings > SSL. Your WP site should be running on HTTPS in one click after you click on “Go ahead activate SSL!”.

Once you installed SSL certificate, you have to update URL address In your WordPress dashboard click on Settings > General. Replace your website address from http:// to https:// and click on Save Changes. As Shown in Below Image.

Essential Setting after Installation of SSL Certificate on a WordPress website

.htaccess file have a very important role in WordPress website..htaccess is a configuration file for use on web servers running the Apache Web Server software.If yor WordPress Hosting uses Apache server then you have to force HTTPS by editing your .htaccess file. Add this code to your file.

  • force HTTPS by editing your .htaccess file. Add this code to your file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
  • If you are using NGINX, edit your nginx.conf configuration file by adding the following lines of code:
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;

You can force HTTPS to your WordPress admin area by editing the wp-config.php file with the following line:

define('FORCE_SSL_ADMIN', true);

If you do not see the secure lock in your browser address bar, you still have mixed content. It is very important that this is fixed because browsers will throw all sorts of warnings at users, who might get scared.

Your website consists of HTML, images, javascript and CSS files. When your site is loaded in the browser, the HTML that is loaded will contain links to the images, javascript and CSS files, the resources of your website. If your HTML is loaded over https, and a load of your resources (partly) over http, the content is “mixed”: you have mixed content. If you have mixed content warnings, read this article for further instructions.

In order to avoid mixed content errors, you can simply edit all URLs in your database that still show under HTTP. You can use a plugin that searches and replaces URLs, such as Better Search Replace plugin. Open the plugin and just search for and replace with Click on Run Search/Replace.  After Fixing Mix content error you have to verify your website with Google Search Console. After this, Google will re-crawl your site and submit a new XML sitemap with your HTTPS URLs.

If you like my work, Please Share on Social Media! You can Follow WP knol on FacebookTwitterPinterestQuora and YouTube for latest updates. You may Subscribe to WP Knol Newsletter to get latest updates via Email. You May also Continue Reading my Recent Posts Which Might Interest You.

About Amar Patel 263 Articles
Hi, I am Amar Patel from India. Founder, Author and Administrator of I am a Simple Average Man who Loves life and Love living life.Professionally I am a Mechanical Engineer. Apart from my Job, I Love to write the things around WordPress WordPress CMS.