You’ve worked hard to make your business website tick all the right boxes.
It has a great design, it’s mobile-friendly, it’s informative, and has clear calls to action.
But, there’s one important element you may have overlooked – security. This means that if you are still on a non-secure domain (http) you are not providing the security for your users. Changing your WordPress http to https is a must.
As users move through your website to make a purchase, request a quote, or fill out a contact form, they notice a warning from Google Chrome that your business website is not secure.
And rather than becoming a lead, they leave.
According to a 2017 HubSpot survey, the amount of people that would leave is quite substantial. Up to 85% of people they surveyed stated that they would leave a website that isn’t secure.
So, if you thought you could put your website security on the back burner for another year, you’re absolutely wrong.
Beyond securing your visitors’ data, moving to https can also increase your business’ credibility, and even boost your search engine ranking.
Making your website secure doesn’t have to be expensive or complicated. You can actually change your website from http to https for free in seven simple steps.
But, before we jump in, let’s delve a little deeper into https.
What’s the Deal about Https Anyway?
Google explains it best:
“When you load a website over plain HTTP, your connection to the site is not encrypted. This means anyone on the network can look at any information going back and forth, or even modify the contents of the site before it gets to you. With HTTPS, your connection to the site is encrypted, so eavesdroppers are locked out, and information (like passwords or credit card info) will be private when sent to the site.”
Last year, Google added a “not secure” warning to the Chrome browser for websites that have not yet converted to https.
It looks like this:
With 62% of persons worldwide choosing Google Chrome as their preferred browser, it’s a pretty big deal.
Before You Get Started:
To secure your WordPress website with https, you need access to a few areas:
- Your WordPress website admin (to install a plugin)
- The admin for wherever your domain is registered (to update information)
It’s also strongly recommended that you create a backup of your website.
Ready? Let’s get started.
How to Get Free Https Through Cloudflare
Step 1: Create an account at Cloudflare
The first thing you need to do is create an account at Cloudflare. Simply go to https://dash.cloudflare.com/sign-up, and enter your email address, your desired password, and click on the Create Account button.
In the next step of the registration process, Cloudflare will ask you to enter your website URL. Once this is entered, click the Add Site button.
Next, they will display a prompt with the heading “We’re querying your DNS records.” Click Next to select your plan.
Step 2: Choose a plan, and get information for nameservers
Select the free plan, and confirm.
The next page will reveal your website’s “DNS query results.” This is to ensure that your website and email services won’t be affected during this process.
Scroll to the bottom, and continue.
The following two pages give instructions on what your should change your nameservers to. Record this information in a notepad, or take a screenshot and save it.
Step 3: Modify your settings
Click Continue. Then, click on the Crypto button.
Use the dropdown box, to change the SSL setting to Flexible. Your change will be automatically saved.
Step 4: Login to your domain host, and change your nameservers as instructed.
Login to the website you purchased your domain from, such as GoDaddy, HostGator, etc. If you are not sure how to do this, I have included direct links to the steps for some of the most popular domain registrant companies.
- Namecheap (Click Custom DNS, and enter in the nameservers from cloudflare)
- Google Domains
Step 5: Wait a few hours, and then check Cloudflare to see if activated.
It may take up to 24 hours for your registrar to process this change. Once processed, your site will become active on Cloudflare. You will receive an email to confirm when your status is updated.
Once you see the word Active with a green tick mark, you’re ready to move on.
Step 6: Login to your WordPress website, and install a plugin to direct users to the https version of your website
Once you’re logged into the admin section of your WordPress website, navigate to Plugins in the left sidebar menu. Click Add New, and search for Really Simple SSL.
Click Install Now to download the plugin.
To activate the plugin, click on Installed Plugins under the Plugin header. Locate the Really Simple SSL plugin, and click Activate.
Step 7: Activate SSL
Go to the Settings option in the left sidebar menu, and click SSL to open the Really Simple SSL plugin.