1. Web Design
  2. WordPress
  3. WordPress Hosting

How to Install an SSL Certificate to Secure WordPress

Scroll to top
Final product imageFinal product imageFinal product image
What You'll Be Creating

One way to make your WordPress website more secure is by installing an SSL certificate.

An SSL certificate will add https:// to your site’s domain and, more importantly, will enhance security for your users. It’ll also give you some SEO benefits.

In this tutorial, you’ll learn how to install an SSL certificate for your WordPress site for free using Let’s Encrypt. I’ll show you how to do it using the SiteGround admin screens, using cPanel, and also using a plugin.

Special Discount for WordPress Hosting

If you need WordPress hosting, take a look at SiteGround. It comes with an easy installer, free support, and automatic updates. And it includes support for SSL to keep your site secure! We're happy to be able to offer a huge discount of 70% off self-managed WordPress hosting, thanks to our partnership with SiteGround.

Managed WordPress Hosting From SiteGroundManaged WordPress Hosting From SiteGroundManaged WordPress Hosting From SiteGround

What Is SSL?

SSL stands for ‘Secure Sockets Layer’. It uses key pairs to authenticate website access: a public key, which anyone can access, and a private key, which is private. The relationship between the two means that only someone with the private key (i.e. the website owner, that’s you) can encrypt information that’s transmitted using the public key. It also means anyone can use the public key to verify that the site is secure.

But don’t worry—you don’t have to store these keys for your website. Instead, the keys are used by an SSL certificate that you install on your site. This means that when your site sends information between the browser and the server, it’s encrypted.

When you install SSL, it will change the way your site looks. The https:// at the beginning of your domain will change to https://, and a padlock will appear when you visit the site in your browser, as you can see in this screenshot of the Tuts+ website.

SSL on tutsplusSSL on tutsplusSSL on tutsplus

What Are the Benefits of SSL?

So why bother to add SSL to WordPress? It’s an extra job to do after setting up your site and doesn’t change the way the site appears to users, so why should you do it?

There are two main benefits—security and SEO.

SSL and Security

The first and most obvious benefit is to your website security. By adding SSL, you make it much harder for anyone to intercept data that’s being transmitted, and harder for someone to access information that users input to your site.

So if you’re running an e-commerce store or collecting user information for them to register on a membership site, for example, SSL is essential. Running any site like this without SSL is very dangerous and irresponsible.


The other great thing about adding SSL to your site is that it’s good for search engine optimization.

Google prefers sites with SSL certificates and will rank them more highly. Given that adding SSL is free, even if your site isn’t collecting user data, it’s worth installing an SSL certificate for the SEO benefits.

How to Add SSL to WordPress for Free

It used to be that to get SSL you had to pay for an SSL certificate, and it could cost more than your hosting. But now you can get an SSL certificate for free using Let’s Encrypt.

You can add this with a WordPress plugin (also free) or you can use the SiteGround admin tools or cPanel to easily add SSL to your site.

Let’s take a look at each method.

Adding Let’s Encrypt SSL via SiteGround

To add SSL to your WordPress site in SiteGround, start by logging in to the SiteGround site and clicking on the Websites tab.

Websites screen in SitegroundWebsites screen in SitegroundWebsites screen in Siteground

Click the Site Tools button to access tools for your site, and then on Security > SSL Manager.

Siteground SSL managerSiteground SSL managerSiteground SSL manager

In the Select Domain field, select the site to which you want to add SSL. In the Select SSL dropdown list, select the option you want to use.

The three options are:

  • Let’s Encrypt—a standard SSL certificate, which is free and will meet the needs of the majority of sites.
  • Let’s Encrypt Wildcard—wildcard SSL means you can add subdomains to the site and they will use the SSL certificate. Useful if you've got a multisite network using subdomains.
  • Premium Wildcard—includes extra features for added security. This will cost extra.

You can find out more on the SSL certificates page of the SiteGround website.

For this demo, I’m going to select Let’s Encrypt as it's free and will meet the needs of the majority of WordPress sites.

Once you’ve selected the option you want, you’ll see a notification that your request is being processed.

SSL request being processedSSL request being processedSSL request being processed

This can sometimes take a while as your request is sent to a queue, and there may be other SiteGround account holders submitting requests at the same time. Once the request is complete, you’ll see a success message.

SSL success messageSSL success messageSSL success message

If you click the Configure HTTPS link, you’ll be taken to a tutorial on the SiteGround website that covers a range of website systems. Don't worry, I'll tell you exactly what to do—just skip ahead to the Configuring WordPress Settings to Use HTTPS section below.

Adding SSL in cPanel

If you’re with a hosting provider other than SiteGround that also offers Lets Encrypt SSL, or you’re using an older SiteGround account that still uses cPanel for SSL, you can install a free Let’s Encrypt SSL certificate using the cPanel interface.

Start by logging in to your hosting provider’s interface and opening cPanel. Scroll down to the Security section.


Click the Let’s Encrypt link to go to the Let’s Encrypt manager screen. Go to the Install new Let’s Encrypt Certificate section.

cPanel Lets EncryptcPanel Lets EncryptcPanel Lets Encrypt

In the Domain field, select the domain you want to add a certificate to. Then select the certificate type. You have two options:

  • Let’s Encrypt SSL—suitable for most sites.
  • Let’s Encrypt Wildcard SSL—useful for sites with subdomains, such as multisite networks.

Choose the one you want and click the Install button.

You will see a success message telling you your request has been added to the queue. Click the OK button.

Lets Encrypt cPanel successLets Encrypt cPanel successLets Encrypt cPanel success

At first, it won’t show up in the Manage Let’s Encrypt Certificates section—that’s because your request is in the queue waiting for other users who’ve requested certificates. But it will change to reflect that quite quickly.

Now skip ahead to the Configuring WordPress Settings to Use HTTPS section below.

Adding SSL With a Plugin

If you’re not with SiteGround and your hosting provider doesn’t offer Lets Encrypt, you can install a free plugin that will let you add a free SSL certificate.

In WordPress, install the plugin. Go to Plugins > Add New.

In the search box, type SSL. You’ll see a range of SSL plugins.

SSL pluginsSSL pluginsSSL plugins

Find the SSL Zen plugin. Click the Install Now button and then, when that turns into an Activate button, click that to activate the plugin.

Once the plugin has installed, you’ll be taken to the SSL Zen screen. If you aren’t or you need to come back to it, click SSL Zen in the admin menu.

SSL Zen opening screenSSL Zen opening screenSSL Zen opening screen

Click on the Use Free Version link at the top of the screen to be taken to the setup screen.

SSL Zen setup screen 1SSL Zen setup screen 1SSL Zen setup screen 1

Check that the domain and email address are correct, check the www option if you want to add https:// to that too, and check the terms and conditions option. Click the Next button to continue.

SSL Zen setup screen 2SSL Zen setup screen 2SSL Zen setup screen 2

The next step is to verify that you own the domain. Follow the instructions onscreen to upload a file to a new folder. Make sure you add the folders and files to the public_html folder in your site, not the root. You’ll need to have FTP access to your site or use the File Manager option in cPanel.

Once you've done that, go back to the plugin setup screen and click the Verify button next to each of the files.

The plugin will check that the files are in the right place. Once that’s done, click the Next button.

SSL Zen setup screen 3SSL Zen setup screen 3SSL Zen setup screen 3

If you want, you can download your certificates, but you don’t have to—they’ll also be emailed to your WordPress admin email address. Click the Next button again to finish.

Your site will now have an SSL certificate installed, but you still need to ensure that WordPress is using https:// in the browser. We'll cover that in the next section.

Configuring WordPress Settings to Use HTTPS

Now you need to tell WordPress to use https:// instead of http://

In the WordPress admin, go to Settings > General. Find the Site URL and WordPress URL fields.

WordPress general settingsWordPress general settingsWordPress general settings

Edit the two fields so that they include https:// instead of http://

WordPress General settings with httpsWordPress General settings with httpsWordPress General settings with https

Scroll down and click the Save changes button to save your changes.

You’ll need to log in again—this is because your browser has stored your login cookie for the http:// version of your address, and you need to log in again for https://.

Your site will now use https:// and have the padlock icon.

site with SSLsite with SSLsite with SSL


Adding an SSL certificate to your WordPress site will make it more secure and will enhance your SEO. So there really isn’t any reason not to do it.

And you also don’t need to spend any money to do it. Whichever method you use, add an SSL certificate to your site today, and you’ll be safe in the knowledge that it has better security and will be ranked more highly by search engines.

Easy SSL Setup With SiteGround

As you've seen, SiteGround makes it really easy to set up SSL for your WordPress site. It also comes with an easy installer, free support, and automatic updates—and thanks to our partnership with SiteGround, we can offer a discount of up to 70% off self-managed WordPress hosting.

Managed WordPress Hosting From SiteGroundManaged WordPress Hosting From SiteGroundManaged WordPress Hosting From SiteGround

Did you find this post useful?
Want a weekly email summary?
Subscribe below and we’ll send you a weekly email summary of all new Web Design tutorials. Never miss out on learning about the next big thing.
Looking for something to help kick start your next project?
Envato Market has a range of items for sale to help get you started.