Create free SSL certificates without leaving WordPress • WordPress Help

Surely by now you will know that you can have free SSL certificates for your website through the initiative Let's Encrypt but how would you like to create them directly without leaving WordPress?

This is precisely what the plugin WP Encrypt does, a great idea that, taking advantage of the ease of creating certificates SSL with Let's Encrypt eliminates the step of having to install them from your hosting provider, doing it from your own WordPress, what's up?

Once installed, from its settings menu, this plugin also compatible with Multisite and Multired connects with Let's Encrypt and generates the SSL certificate for your WordPress .

First complete the settings page with your data country, country code, and of course your organization or name, the email will associate it with the email of WordPress settings. It is important that you activate the box named Automatically regenerate the certificate prior to the expiration as the certificates of Let's Encrypt expire after 90 days, and with this box the certificate is automatically renewed, without you having to worry about or take any further action.

Save the changes.

Then click on Register Account to create the account with that data in Let's Encrypt.

And once this is done, again without leaving the same settings screen, press the new button Generate Certificate .

You already have your free SSL certificate, installed on your server requirements ?

He certifies can not be installed if your server does not have PHP 5.3 or later and the services cURL and OpenSSL do not have assets, in which case you would have to ask your hosting provider to provide it.

If everything goes well, it will go If your hosting is compatible, you only have to activate HTTPS in your WordPress because the plugin does not do this step, its function is to create and install the SSL certificate of Let's Encrypt without having to depend on your hosting or do it manually, but you can use the wonderful plugin Really Simple SSL which makes all the changes for you, or you can review the steps of how to activate HTTPS in WordPress in this article . [19659005] The truth is that the idea of ​​the plugin is good, what do I say good, cojonuda! and comes to solve a need, just what plugins should do. For my taste, it would only be perfect to have the Really Simple SSL functionality so that you do not have to depend on another plugin to activate HTTPS in your WordPress.

Otherwise, what you do makes it perfect

Loading …

That may also help you:

Not having HTTPS could penalize the SEO of your web • WordPress Help

Then if you want to complain in the comments, you start giving birth to Google or whatever you think, that this is a free blog, but the reality is that if you do not have an SSL certificate, if your website does not use your url in HTTPS and you have some form with password, a store, payment of cards or similar your SEO could be seriously damaged

Why can not HTTPS penalize my SEO?

 google-https "width =" 770 "height =" 356 "srcset =" https://ayudawp.com/wp-content/uploads /2016/10/google-https.jpg 770w, https://ayudawp.com/wp-content/uploads/2016/10/google-https-550x254.jpg 550w, https://ayudawp.com/wp-content /uploads/2016/10/google-https-768x355.jpg 768w "sizes =" (max-width: 770px) 100vw, 770px "/> </p>
<p> Simple, because <a href= Google has already announced on its security blog that as of January 2017 showed will appear in your browser Chrome insecure web ads if your site contains some kind of non-encrypted data sending if it is not HTTPS .

In fact, although it will still show an icon generic, will precede the legend " Not secure ", " Not safe " in Spanish, to your url, like this:

 urls-sin-https-en -google-chrome "width =" 838 "height =" 328 "srcset =" https://ayudawp.com/wp-content/uploads/2016/10/urls-sin-https-en-google-chrome-840x329. png 840w, https://ayudawp.com/wp-content/uploads/2016/10/urls-sin-https-en-google-chrome-550x216.png 550w, https://ayudawp.com/wp-content/ uploads / 2016/10 / urls-sin-https-en-google-chrome-768x301.png 768w, https://ayudawp.com/wp-content/uploads/2016/10/urls-sin-https-en-google -chrome.png 1600w "sizes =" (max-width: 838px) 100vw, 838px "/> </p>
<p> What's more, if you browse in incognito mode the thing will be even worse, it will no longer be a normal icon, but an alert a, the url will look like this … </p>
<p> <img class= How is an HTTP web different from an HTTPS?

 http-https "width = "650" height = "160" srcset = "http://bootstrapx.com/wp-content/uploads/2018/07/http-https.jpg 650w, https://ayudawp.com/wp-content/uploads/ 2016/10 / http-https-550x135.jpg 550w "sizes =" (max-width: 650px) 100vw, 650px "/> </p>
<p> Basically in the following: </p>
<h3><span id= HTTP

  • It has no traffic security of data
  • Send the data in plain text
  • Load something faster since they send few data
  • Google does not have a special fondness in their efforts to make a more secure web

HTTPS

  • Much more security than HTTP [19659017] Send the data in encrypted format
  • They can load something slower than the same page using HTTP (something that has a solution, for example with SPDY / es )
  • Google rewards them with better positions , despite being somewhat slower

But … does SEO have any benefit in having HTTPS?

 google-and-https-seo "width =" 750 "height =" 431 "srcset =" https: // ayudawp.com/wp-content/uploads/2016/10/google-y-https-seo.jpg 750w, https://ayudawp.com/wp-content/uploads/2016/10/google-y-https-seo -550x316.jpg 550w "sizes =" (max-width: 750px) 100vw, 750px "/> </p>
<p> Well, to begin, hate or love Google has already announced several times that is obsessed with Internet security and that <a href= goes to benefit r in the SERP to the secure webs with HTTPS and that, in fact, is already a factor that take into account their algorithms.

Do you think little reason?

Well, he also has his stuff. I do not know if you've noticed but when someone visits your web in HTTP sometimes that traffic is not correctly identified and it is marked as " direct traffic " regardless of where it comes from, while visits by HTPPS are perfectly registered including its origin and reference.

Also, you should not underestimate the importance of the trust you offer to your visitors by offering more security in your we b , which should result in a reduction in the bounce rate a increase in the time spent on your site and, ultimately, a series of factors that will improve your SEO. [19659005] Do you want a sample? Look at this graph of how HTTPS websites have been increasing in the Google rankings lately …

 https-en-Google-results

There are many more SEO factors , of course, but you should not lose sight of them, especially if for Google it is so important to add a warning to your browser.

Which webs will it affect? ​​

 google-evil-malvado-seo "width = "560" height = "394" srcset = "http://bootstrapx.com/wp-content/uploads/2018/07/google-evil-malvado-seo.jpg 560w, https://ayudawp.com/wp- content / uploads / 2016/10 / google-evil-evil-seo-550x387.jpg 550w "sizes =" (max-width: 560px) 100vw, 560px "/> </p>
<p> Well, any website that saves passwords or cards credit, let's go, all WordPress with user access, social network, community, forum and online store, to begin with In fact <a href= Automattic has already installed default SSL certificates in all WordPress.com blogs and you, what are you waiting for? [19659038] What do I do to avoid it?

 lets-encrypt-certificates-ssl-free "width =" 1131 "height =" 1046 "srcset =" https://ayudawp.com/wp-content/uploads/2016/ 10 / lets-encrypt-certificates-ssl-gratis.jpg 1131w, https://ayudawp.com/wp-content/uploads/2016/10/lets-encrypt-certificados-ssl-gratis-550x509.jpg 550w, https: //ayudawp.com/wp-content/uploads/2016/10/lets-encrypt-certificados-ssl-gratis-768x710.jpg 768w, https://ayudawp.com/wp-content/uploads/2016/10/lets -encrypt-certificates-ssl-free-840x777.jpg 840w "sizes =" (max-width: 1131px) 100vw, 1131px "/> </p>
<p> As soon as possible <strong> installs an SSL certificate </strong>. If until recently the brake was the cost already <a href= you have no excuse since you have free certificates with Let's Encrypt so you're late.

I have long since, by default, always add all the websites that take forms or shop with HTTPS, and sometimes even those that do not, and then I apply WPO techniques to optimize them and thus palliate that bit of less speed, you do what you think but any notice from San Google is like to take it into account like it or not.

Loading …

That may also help you:

time to remove domain sharding • WordPress Help

Until the implementation of HTTP / 2 in our servers, many strategies have been implemented to allow the download of the contents of our site were as fast and effective as possible, including the one called domain sharding .

This common technique, used in HTTP / 1.1, basically consisted in parallelizing content loading using subdomains of the main domain pointing to the same server, or mount the same resources on different servers, with that we tricked the browser to make content downloads in parallel, open more TCP connections, instead of sequentially, reducing the load time of a page. A very interesting improvement to optimize our page .

HTTP / 2 eliminates this need for parallelization because you can request as many resources as you need on the same connection. In fact it is likely that, using domain sharding performance will be detrimental since it creates additional TCP connections and makes it difficult for HTTP / 2 to prioritize resources, in addition to performing DNS actions unnecessary.

Note: it is difficult to measure the perjury since it depends on the amount of resources requested per domain and the weight of each of them.

So if you have implemented a widget that enables domain sharding or you have made changes to your theme to implement this technique, I advise you to disable them and use only the main domain over SSL via HTTP / 2. To undo the change, also remember that all sub-domains used, continue redirecting to the main domain, so as not to lose old links to content.

If still, you decide to maintain domain sharding, remember to make sure that your SSL certificate of domain has a wildcard that makes it valid for all domain names used, or that you have an appropriate multi-domain certificate. This will keep domain sharding and HTTP / 2, and will prevent the browser from unnecessary errors from mixed content (HTTP and HTTPS content over a secure page).

And for all those that you have not yet implemented HTTP / 2 on your servers, I remind you that it is free and very easy provided that your hosting provider integrates Let's Encrypt + HTTP / 2 in its service offer.

NOTICE : this publication is from two years ago or more. If it's a code or a plugin it might not work in the latest versions of WordPress, and if it's a news story it might be obsolete. Then do not say we have not warned you.

Loading …

That may also help you: