WordPress added SSL support to its future requirements

On December 1, 2016 WordPress announced it will move towards SSL in 2017. Many hosting partners provide SSL certificates for low prices, but you can also use letsencrypt for easy free SSL support. If you are hosting your sites using Plesk there is a pre-build plugin (can also be installed via Plesk installer!) for letsencrypt. Of course you can also install certificates with shell access, easy and free. Also the Google Chrome team announced that „none SSL pages“ will throw a warning from January 2017 on.

So if you are running WordPress projects and haven’t installed a certificate yet, there is no better time to do it.

Letsencrypt in Plesk project detail page.

In Plesk just select your project page and click on „Let’s Encrypt“. The next step lets you add the default „www.“ subdomain to your certificate and thats it. After the plugin has all work done for you, you need to edit your „.htaccess“ file and add the following lines, to only allow https:// in your domain. At last step edit your blogurl in your sites setting and add https instead of http to your blogurl.

<ifmodule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

If you have images, videos, internal links and those stuff (wich is quite normal) on your website, you need to update the absolute URLs WordPress has saved to your database. I recommend the WP Migrate Plugin to do this.

© Copyright wundertal.net | Impressum | Datenschutzerklärung