Create free SSL certificates without leaving WordPress • WordPress Help

Surely by now you will know that you can have free SSL certificates for your website through the initiative Let's Encrypt but how would you like to create them directly without leaving WordPress?

This is precisely what the plugin WP Encrypt does, a great idea that, taking advantage of the ease of creating certificates SSL with Let's Encrypt eliminates the step of having to install them from your hosting provider, doing it from your own WordPress, what's up?

Once installed, from its settings menu, this plugin also compatible with Multisite and Multired connects with Let's Encrypt and generates the SSL certificate for your WordPress .

First complete the settings page with your data country, country code, and of course your organization or name, the email will associate it with the email of WordPress settings. It is important that you activate the box named Automatically regenerate the certificate prior to the expiration as the certificates of Let's Encrypt expire after 90 days, and with this box the certificate is automatically renewed, without you having to worry about or take any further action.

Save the changes.

Then click on Register Account to create the account with that data in Let's Encrypt.

And once this is done, again without leaving the same settings screen, press the new button Generate Certificate .

You already have your free SSL certificate, installed on your server requirements ?

He certifies can not be installed if your server does not have PHP 5.3 or later and the services cURL and OpenSSL do not have assets, in which case you would have to ask your hosting provider to provide it.

If everything goes well, it will go If your hosting is compatible, you only have to activate HTTPS in your WordPress because the plugin does not do this step, its function is to create and install the SSL certificate of Let's Encrypt without having to depend on your hosting or do it manually, but you can use the wonderful plugin Really Simple SSL which makes all the changes for you, or you can review the steps of how to activate HTTPS in WordPress in this article . [19659005] The truth is that the idea of ​​the plugin is good, what do I say good, cojonuda! and comes to solve a need, just what plugins should do. For my taste, it would only be perfect to have the Really Simple SSL functionality so that you do not have to depend on another plugin to activate HTTPS in your WordPress.

Otherwise, what you do makes it perfect

Loading …

That may also help you:

Heartbleed, the biggest security flaw in Internet history: what it is and what to do to secure WordPress

 heartbleed-openssl-bug

If you are in this world you will already know that a little more than a month ago a fault was discovered huge that affects more than 66% of the entire Internet : the bug Heartbleed .

:: What is Heartbleed? ::

 Heartbleed-logo

In fact, Heartbleed is considered the biggest Internet security breach in history since it affects software Open SSL the most used in Apache and NGinx servers since 2012 to offer secure connection pages (the irony is served).

So your social network, your e-commerce store, to the web where you make the purchase of the supermarket could be vulnerable if they use an unsafe version of Open SSL from 1.0.1 to 1.0.1f both included.

Worst of all is that any attacker maliciously can use this failure and leaves no trace of its activity simply takes possession of the web, can substitute users, obtain personal information and credit cards, even create a clone of the site.

In fact , it was recommended that, if we were worried about safety, the nature of our data, until there was a secure version of Open SSL (the first was 1.0.1g) and the main services were updated better not to use the Internet ]that's nothing.

:: How do I protect myself from Heartbleed as a user? ::

 heartbleed user password

As an Internet user the only way to protect yourself from Heartbleed is to be informed, something that goes through the following:

  1. Check on this list if your favorite websites are affected by the Heartbleed bug.
  2. Install this Chrome extension that alerts you if the web you visit is affected by Heartbleed.
  3. Changes passwords immediately in all sites that use Open SSL and have been proven to have been compromised (almost all, examples: Google, Facebook, Flickr, Yahoo, GoDaddy, etc, etc, etc.).

:: How I protect WordPresss from Heartbleed? ::

 heartbleed wordpress

To start … if you do not use secure certificate then you do not have to do anything . This only affects if you have registered a certificate to offer an e-commerce store, a social network or similar. This only affects pages https .

Otherwise, if you use a certificate SSL / TLS the question is quite different and what you should do is the following:

  1. ] Check if your site is affected by the Heartbleed bug here or here . If yes (or doubt) contact your hosting provider to demand that you update Open SSL to a secure version with the utmost urgency.
  2. Once you have updated Open SSL get new certificates SSL / TLS (usually your hosting provider)
  3. As a responsible and cautious administrator requires your users to change their passwords, or you re-commit all of them by force . It is always good strategy to force the password change every so often .

NOTICE : this publication is from two years ago or more. If it's a code or a plugin it might not work in the latest versions of WordPress, and if it's a news story it might be obsolete. Then do not say we have not warned you.

Loading …

That may also help you: