Create free SSL certificates without leaving WordPress • WordPress Help

Surely by now you will know that you can have free SSL certificates for your website through the initiative Let's Encrypt but how would you like to create them directly without leaving WordPress?

This is precisely what the plugin WP Encrypt does, a great idea that, taking advantage of the ease of creating certificates SSL with Let's Encrypt eliminates the step of having to install them from your hosting provider, doing it from your own WordPress, what's up?

Once installed, from its settings menu, this plugin also compatible with Multisite and Multired connects with Let's Encrypt and generates the SSL certificate for your WordPress .

First complete the settings page with your data country, country code, and of course your organization or name, the email will associate it with the email of WordPress settings. It is important that you activate the box named Automatically regenerate the certificate prior to the expiration as the certificates of Let's Encrypt expire after 90 days, and with this box the certificate is automatically renewed, without you having to worry about or take any further action.

Save the changes.

Then click on Register Account to create the account with that data in Let's Encrypt.

And once this is done, again without leaving the same settings screen, press the new button Generate Certificate .

You already have your free SSL certificate, installed on your server requirements ?

He certifies can not be installed if your server does not have PHP 5.3 or later and the services cURL and OpenSSL do not have assets, in which case you would have to ask your hosting provider to provide it.

If everything goes well, it will go If your hosting is compatible, you only have to activate HTTPS in your WordPress because the plugin does not do this step, its function is to create and install the SSL certificate of Let's Encrypt without having to depend on your hosting or do it manually, but you can use the wonderful plugin Really Simple SSL which makes all the changes for you, or you can review the steps of how to activate HTTPS in WordPress in this article . [19659005] The truth is that the idea of ​​the plugin is good, what do I say good, cojonuda! and comes to solve a need, just what plugins should do. For my taste, it would only be perfect to have the Really Simple SSL functionality so that you do not have to depend on another plugin to activate HTTPS in your WordPress.

Otherwise, what you do makes it perfect

Loading …

That may also help you:

Not having HTTPS could penalize the SEO of your web • WordPress Help

Then if you want to complain in the comments, you start giving birth to Google or whatever you think, that this is a free blog, but the reality is that if you do not have an SSL certificate, if your website does not use your url in HTTPS and you have some form with password, a store, payment of cards or similar your SEO could be seriously damaged

Why can not HTTPS penalize my SEO?

 google-https "width =" 770 "height =" 356 "srcset =" /2016/10/google-https.jpg 770w, 550w, /uploads/2016/10/google-https-768x355.jpg 768w "sizes =" (max-width: 770px) 100vw, 770px "/> </p>
<p> Simple, because <a href= Google has already announced on its security blog that as of January 2017 showed will appear in your browser Chrome insecure web ads if your site contains some kind of non-encrypted data sending if it is not HTTPS .

In fact, although it will still show an icon generic, will precede the legend " Not secure ", " Not safe " in Spanish, to your url, like this:

 urls-sin-https-en -google-chrome "width =" 838 "height =" 328 "srcset =" png 840w, 550w, uploads / 2016/10 / urls-sin-https-en-google-chrome-768x301.png 768w, -chrome.png 1600w "sizes =" (max-width: 838px) 100vw, 838px "/> </p>
<p> What's more, if you browse in incognito mode the thing will be even worse, it will no longer be a normal icon, but an alert a, the url will look like this … </p>
<p> <img class= How is an HTTP web different from an HTTPS?

 http-https "width = "650" height = "160" srcset = " 650w, 2016/10 / http-https-550x135.jpg 550w "sizes =" (max-width: 650px) 100vw, 650px "/> </p>
<p> Basically in the following: </p>
<h3><span id= HTTP

  • It has no traffic security of data
  • Send the data in plain text
  • Load something faster since they send few data
  • Google does not have a special fondness in their efforts to make a more secure web


  • Much more security than HTTP [19659017] Send the data in encrypted format
  • They can load something slower than the same page using HTTP (something that has a solution, for example with SPDY / es )
  • Google rewards them with better positions , despite being somewhat slower

But … does SEO have any benefit in having HTTPS?

 google-and-https-seo "width =" 750 "height =" 431 "srcset =" https: // 750w, -550x316.jpg 550w "sizes =" (max-width: 750px) 100vw, 750px "/> </p>
<p> Well, to begin, hate or love Google has already announced several times that is obsessed with Internet security and that <a href= goes to benefit r in the SERP to the secure webs with HTTPS and that, in fact, is already a factor that take into account their algorithms.

Do you think little reason?

Well, he also has his stuff. I do not know if you've noticed but when someone visits your web in HTTP sometimes that traffic is not correctly identified and it is marked as " direct traffic " regardless of where it comes from, while visits by HTPPS are perfectly registered including its origin and reference.

Also, you should not underestimate the importance of the trust you offer to your visitors by offering more security in your we b , which should result in a reduction in the bounce rate a increase in the time spent on your site and, ultimately, a series of factors that will improve your SEO. [19659005] Do you want a sample? Look at this graph of how HTTPS websites have been increasing in the Google rankings lately …


There are many more SEO factors , of course, but you should not lose sight of them, especially if for Google it is so important to add a warning to your browser.

Which webs will it affect? ​​

 google-evil-malvado-seo "width = "560" height = "394" srcset = " 560w, content / uploads / 2016/10 / google-evil-evil-seo-550x387.jpg 550w "sizes =" (max-width: 560px) 100vw, 560px "/> </p>
<p> Well, any website that saves passwords or cards credit, let's go, all WordPress with user access, social network, community, forum and online store, to begin with In fact <a href= Automattic has already installed default SSL certificates in all blogs and you, what are you waiting for? [19659038] What do I do to avoid it?

 lets-encrypt-certificates-ssl-free "width =" 1131 "height =" 1046 "srcset =" 10 / lets-encrypt-certificates-ssl-gratis.jpg 1131w, 550w, https: // 768w, -encrypt-certificates-ssl-free-840x777.jpg 840w "sizes =" (max-width: 1131px) 100vw, 1131px "/> </p>
<p> As soon as possible <strong> installs an SSL certificate </strong>. If until recently the brake was the cost already <a href= you have no excuse since you have free certificates with Let's Encrypt so you're late.

I have long since, by default, always add all the websites that take forms or shop with HTTPS, and sometimes even those that do not, and then I apply WPO techniques to optimize them and thus palliate that bit of less speed, you do what you think but any notice from San Google is like to take it into account like it or not.

Loading …

That may also help you:

HTTP / 2 and WordPress – The future of the Web

The HTTP protocol is the engine that moves the Internet, without which you could not be reading this blog, nor buy online, share content in your networks social and all those things that we are used to.

Now, this protocol, in the HTTP / 1.1 version had not been updated since 1999, but that's it: Welcome HTTP / 2!

What is HTTP / 2?

 HTTP-2 "width =" 480 "height =" 240 "srcset =" 480w, 319w "sizes =" (max-width: 480px) 100vw, 480px "/> </p>
<p> Not a plugin, it's not a bird, it's not an airplane, it's <strong> a new network protocol for the WWW </strong> that comes to improve the current HTTP: the connections between the browser and the web page. </p>
<p> it is about <strong> an improvement of the current HTTP protocol so that the connections to web pages are faster and more efficient </strong>reducing time between calls. </p>
<p> It is <strong> a great improvement </strong>which has been pending since 1999, and that Google started with its <a href= protocol SPDY in 2009, now abandoned when adopting HTTP / 2.

Why is HTTP / 2 better?

 http-vs-http2 "width =" 550 "height =" 538 "srcset =" 550w, -http2-60x60.gif 60w "sizes =" (max-width: 550px) 100vw, 550px "/> </a> </p>
<p> Broadly speaking, and being practical, some of the improvements it incorporates are: </p>
<li><strong> HTTP / 2 requests are much smaller </strong> in size since <strong> uses compression </strong>. </li>
<li><strong> HTTP / 2 uses multiplexing </strong>which allows the sending and receiving of several files at the same time [19659013] HTTP / 2 allows the server to "launch" the content gone </strong>that is, that responds with data to most requests that the client requests. This allows the server to offer data that it knows the browser will need to display a web without having to wait for the browser to receive the first response, and without having to do another cycle of requests. </li>
<li><strong> HTTP / 2 can leave the connection open </strong> for reuse </li>
<li><strong> With HTTP / 2 the browser makes many fewer requests to the server </strong>resulting in a significant reduction in page load time. </li>
<li><strong> HTTP / 2 no longer needs the Most of the HTTP 1.1 syntax </strong>such as methods, status codes, header fields, URIs, etc. The element to be displayed is transported directly between the client and the server. </li>
<li><strong> Fewer headers to transmit </strong> because HTTP / 2 uses compression </li>
<li><strong> HTTP / 2 requires a smaller amount of data </strong>which it translates into less loading time. </li>
<li><strong> HTTP / 2 changes the loading order </strong>which gets a more efficient load of the page when the elements are prioritized. </li>
<p> The first tests show <strong> a improvement of between 20% and 30% in the speed </strong> of downloading the page with this update. </p>
<h2><span id= What do I have to do to use HTTP / 2?

The first thing you should know is that ] the latest versions of the most used browsers are already compatible with HTTP / 2 which is also compatible with previous versions of the protocol, so if you decide to pass to HTTP / 2, you do not lose any users, neither visit nor sale .

The only thing you need to Benefit from this improvement is an SSL certificate and that your hosting provider enables HTTP / 2 on your server if you are already prepared for it. If you are already working with a provider like SiteGround ask to have this functionality enabled, since your servers are ready .

If you have a online store surely you already have an SSL certificate so, what are you waiting for? Speed ​​up your website! Start using HTTP / 2!

HTTP / 2 and WordPress

 WordPress http2

Actually you do not need to do anything in WordPress so you can use the HTTP / 2 protocol apart from having an SSL certificate installed and active and that your hosting provider will activate HTTP / 2.

On the other hand, when using HTTPS, you must make sure that you are serving all your content in https , without mixed content that is, that there is nothing in your site that is still used in http.

Where if you have to do some work, if you did not do it already when going to HTTPS and it is to check that you do not use anything in http, instead of https .

I am referring to images, permanent links, redirects, etc. You should check your WordPress configuration file ( wp-config.php ) to verify that you define your routes with https, and the file .htaccess to review any possible redirection that you still have to an http, for example.

Also, it's not too much to check if there is a plugin that generates absolute http addresses instead of relative ones, whatever that might be.

Of course, you should have in Settings -> General the site address and WordPress in https.

There are plugins like, Really Simple SSL the one that I recommended you the other day talking about SSL which does most of this work, but it does not hurt a review for mixed content. The same browser will inform you if this is happening or not.

But come on, that in principle you do not have to do anything to use HTTP / 2 that you should not already do to have your WordPress with HTTPS but if you were not exhaustive at the time maybe now it is not too much to put yourself to it, for take advantage of all the advantages of both technologies .

HTTP / 2 and developers

 http2 vs http1

Over the years, developers and experts in SEO have developed practices to try to bypass the restrictions and weaknesses of the HTTP / 1.1 protocol, so both plugins and themes have been incorporating a series of tricks that, if active HTTP / 2 is not only necessary but they are counterproductive .

For example, it is very common to use compression, combination and asynchronous loading of CSS files and JavaScript . There are themes that do it by default, and a multitude of SEO plugins, let alone Cache, which also incorporate it.

This, which is a good idea if you're on HTTP / 1.1 is just what you should not do in HTTP / 2 because you do not need it and you will be using resources and processes that harm the performance of your web, being unnecessary.

What is a practice totally discouraged in HTTP / 2 is the fragmentation in several domains known as " sharding ", since it forces more DNS queries.

In short, if you are a developer of WordPress themes or plugins, keep in mind that you do not need to use more sprites or combine unnecessary files or upload assets in your code .


In short, is a good idea to set up HTTP / 2 on your website since you're going to improve the user experience, thanks to the fact that Downloading the page will be faster and more orderly, and is compatible with your current site, and in principle you do not have to implement anything in your code, nor install any plugin or anything similar.

The HTTP improvements / 2 are tremendous and views in a practical way can be summarized in …

  1. Web faster
  2. Web more secure, it forces the adoption of SSL
  3. Web more optimized for mobile
  4. Less consumption of server resources

In case you are not clear enough, I summarize the changes you must do on your website to offer maximum speed and an unbeatable user experience :

  1. Activate a CDN
  2. Offer your secure website through HTTPS with an SSL certificate
  3. Ask your hosting provider to activate HTTP / 2 on the server

Do you already have your website on HTTP / 2? Do you have any doubts? Something that has happened to me?

If you want to ask or share something about it, do not cut yourself, we're all looking forward to your doubts or advice and so we learn more. There you have the comments.

This article would not have been possible without the inestimable help of the great Fernando Puente that to see if at once he registers as a user of the blog and the solito is encouraged 😉

NOTICE : This publication is from two years ago or more. If it's a code or a plugin it might not work in the latest versions of WordPress, and if it's a news story it might be obsolete. Then do not say we have not warned you.

Loading …

That may also help you:

Force HTTPS SSL in WordPress

 https ssl

Do you have a specific page on your website that should be secure? Do you have a series of entries that you want protect with SSL ? Or do you want to protect all your WordPress? There are several ways to do it in a simple way … as always.

If what you want is to force the security through SSL for your entire site you just have to install the plugin Force SSL everywhere and, once it is accessed, all the pages are secure.

Now, if what you want is define entries or pages to be secure for example, a page that hosts your electronic store or some form, is also simple.

You can do it using a plugin, WordPress HTTPS (SSL) . Once you install it, on its settings page, you can specify if you want to secure the whole site or just the administration area. To ensure specific pages or entries add a box to the WordPress editor in which to make it secure.
 secure post wordpress .

If, on the other hand, you prefer secure specific entries with a code you can add the following to your function plugin :

] Simply change the list of IDs of the entries / pages to be protected on line 3.

Additionally, you can force security through SSL on the WordPress access screens and administration by adding these lines to the file wp-config.php :

On the front line SSL forces on the access screens, on the second in the entire administration. To disable them, change the parameter " true " to " false ".

And if you want, you can also force SSL from .htaccess for which you would have to add these lines:

I think it's necessary to clarify that you must customize it with your domain (go, I already said it).

And I can only remind you that you can also activate SSL in WordPress. com with fewer options but at least it's something.

Well, I think that practically all possibilities are covered with this. If you can think of one more, you tell us in the comments.

NOTICE : this publication is from two years ago or more. If it's a code or a plugin it might not work in the latest versions of WordPress, and if it's a news story it might be obsolete. Then do not say we have not warned you.

Loading …

That may also help you: