The security of a website is a major concern, especially when it comes to the WordPress website. WordPress as a CMS is no stranger to hackers. That’s why it’s important to set up a free SSL in WordPress.

You’ll learn about:

  • What is SSL
  • How to get a free SSL certificate for WordPress
  • Why is SSL important
  • Do you need an SSL certificate

I’ll be covering all of these topics, but before we start, it’s essential that you know what SSL is.

Table of Contents

What Is SSL

SSL stands for “Secure Sockets Layer,” which is used to create an encrypted connection between a web server and a web browser. This ensures that all data passed between the two is private and secure. It’s an industry-standard protocol used by millions of websites worldwide to protect online transactions.

Green Padlock Indicating Ssl Is Enabled
Green Padlock Indicating Ssl Is Enabled

However, if you’re wondering about the visual representation of the SSL, then look no further than the green padlock at the start of your domain in the browser’s address bar. It tells whether a website is secure or not.

If SSL is enabled for your website or blog, then you should see a green padlock like this (like the below screenshot) at the start of your website address in the browser’s address bar.

Moreover, if SSL is enabled on your website or blog, your website address also starts with HTTPS instead of HTTP, and your users establish secure connections between your server and the browser. Otherwise, your website is vulnerable to hackers on an insecure connection. Regularly updating and renewing the SSL certificate on your website is essential to fortify its defenses against evolving cyber threats.

How to Get a Free SSL Certificate for WordPress? Step-by-Step Guide

Due to the high demand for SSL, almost all popular web hosts started providing SSL certificates for free as part of their services.

Here is a list of some of the popular web hosts that provide SSL for free:

  • SiteGround
  • HostGator
  • BlueHost
  • DreamHost
  • Liquid Web
  • GreenGeeks
  • WPEngine

If you haven’t bought web hosting yet, you can check the web host features you want to purchase and make sure that they provide an SSL certificate for free.

But if you have already bought a web host, then you can log in to your web host’s cPanel and search for SSL or Let’s Encrypt to find out if your web host provides SSL for free.

When it comes to getting a free SSL certificate for WordPress, there are multiple methods that you can choose. The choice of the method depends on “What is the easiest choice for you?” These methods are as follows:

  • Ask your host
  • cPanel free SSL
  • Cloudflare 15 years free SSL

Why don’t we start with the simplest and most straightforward means of getting a free SSL certificate for WordPress?

Method 1: Ask Your Host

Why bother to setup SSL by yourself when your web host can do it for you with pleasure? I always believe in making the best use of the products and services I buy.

Nowadays, many popular web hosts offer great customer support, So if I need to do something with my website at my hosting level, I always get in touch with my web host via live support and ask them to do it for me, and they do it with pleasure.

Bluehost Support
Bluehost Support

However, many people are skeptical and don’t believe that customer support will help them in this regard. You can be surprised by how much customer support can help you.

So, don’t hesitate to contact customer support for your hosting. Furthermore, You can get in touch with your web host via Call or Live Chat (if they support it) and ask them to set up a free SSL for you on your website, and they will do it for you.

Method 2: cPanel Free SSL

If, for some reason, your customer support doesn’t provide you with a free SSL certificate for WordPress, then there is another method that you can use for this purpose. This method involves you accessing the cPanel of your website (if you have one).

  • Start by Logging in to your web hosting account’s cPanel, navigate to the “Security” section, find “Let’s Encrypt free SSL,” and activate it.

Note: If you face any sort of issue after activating the “Let’s Encrypt SSL,” contact your host via call or live chat to resolve the issue. The free SSL options could also vary depending on your hosting provider. So if you face any trouble finding Let’s Encrypt or free SSL in your cPanel dashboard, then ask your hosting provider about it.

Go To The Cpanel And Click The &Quot;Let's Encrypt Ssl&Quot; Option
Go To The Cpanel And Click The “Let’S Encrypt Ssl” Option
  • I’m currently using Namecheap hosting, and in my cPanel dashboard, there is an option called “Namecheap SSL.”
Namecheap Ssl
Namecheap Ssl
  • You can activate Namecheap free SSL when you click on Namecheap SSL; however, I’ve already activated it in this case.
Namecheap Ssl Active
Namecheap Ssl Active

Note: You can also see there is already an HTTPS redirect option available, and it’s turned ON, but if you don’t see an HTTPS redirect option in your cPanel, you can do that using the “Really Simple SSL” plugin.

  • If you’re using Namecheap EasyWP, an SSL certificate is incredibly easy to enable. Just sign in to EasyWP, and click Manage.
Namecheap Easywp Manage Option To Enable Free Positive Ssl
Namecheap Easywp Manage Option To Enable Free Positive Ssl
  • All you need to activate the status of your SSL certificate.
Active Ssl Status
Active Ssl Status
  • Of course, you can use a custom SSL certificate from any company or even 15 years of free SSL from Cloudflare as shown have to renew is in section 3.
Custom Ssl Certificate In Namecheap Easywp
Custom Ssl Certificate In Namecheap Easywp

Method 3: Cloudflare 15 Years Free SSL

When we use the “Let’s Encrypt SSL” option, it expires after 90 days, but Cloudflare SSL may not end until you become a father dancing with your two kids 😀

Funny Gif
Funny Gif

You might be asking yourself, “What is Cloudflare?” It is a Content Delivery Network (CDN) that makes your website faster and enhances security. In 2022, Cloudflare has become a new source certificate authority that offers you a self-signed certificate. Meaning it won’t be a security certificate that is not signed by a certificate authority (CA).

The best part? You don’t need to enable the certificate installation feature on your server, as it is the case with “Let’s Encrypt,” where you have to renew it after 90 days.

Don’t have a Cloudflare account? Don’t worry; I’ll guide you.

Cloudflare Sign Up Page
Cloudflare Sign Up Page
  • Now enter the website name you want to add to Cloudflare.
Adding A Site To Cloudflare
Adding A Site To Cloudflare
  • Choose the free plan and hit Continue.
Free Plan Of Cloudflare
Free Plan Of Cloudflare
  • In your Review your DNS records step, again click Continue.
Dns Records Overview By Cloudflare
Dns Records Overview By Cloudflare
  • Here comes the most challenging part of the process, setting the nameservers suggested by Cloudflare.
Cloudflare Steps To Change Nameservers
Cloudflare Steps To Change Nameservers

Don’t worry, your website will not face a down time when you change nameservers.

  • Depending on your domain registrar, the process of changing name servers might be different for different registrar companies, but the fundamentals remain the name. I’ll use Namecheap to change the nameservers. Sign in to Namecheap and click Manage.
Namecheap Domain Management
Namecheap Domain Management
  • Now, replace Cloudflare’s nameservers with your existing nameservers.
Replacing The Cloudflare Namesevers To Namecheap
Replacing The Cloudflare Namesevers To Namecheap
  • Don’t forget to hit Save Changes. Wait at least 30 minutes as DNS propagation takes time.
Visual Presentation Of Dns Propagation
Visual Presentation Of Dns Propagation
  • Once Cloudflare is activated on your domain, it’s time to create a free SSL certificate for WordPress. Go to SSL/TLS > Origin Server > Create Certificate.
Cloudflare Origin Server Section
Cloudflare Origin Server Section

Note: You’ll get a pop-up window, after which you’ll use the following settings:

Private Key Type: RSE

Certificate Validity: 15 Years

  • After making all the necessary changes, hit the “Next” button.
Cloudflare 15 Years Of Ssl Generation
Cloudflare 15 Years Of Ssl Generation

You’ll get two keys:

  • Origin Certificate
  • Private Key
Origin Certificate And Private Key Provided By Cloudflare
Origin Certificate And Private Key Provided By Cloudflare
  • Now go back to your cPanel and find SSL/TLS.
SslTls Feature Of Cpanel
SslTls Feature Of Cpanel
  • Click the link “Manage SSL sites” falling under “INSTALL AND MANAGE SSL FOR YOUR SITE (HTTPS)”
Manage Ssl Sites In Cpanel To Install Ssl
  • Select the domain from the dropdown menu where you’ll install the SSL and paste the Cloudflare values.
Installing The Ssl Keys
  • Leave the “Certificate Authority Bundle: (CABUNDLE)” empty and click Install Certificate.
Install Certificate Button

Congratulations! You’ve done all the steps necessary to enable SSL and HTTPS for your website. But don’t forget to choose “Full (Strict)” to enable HTTPS on your domain on Cloudflare.

Selecting The Option “Full (Strict) – Encrypts End-To-End, But Requires A Trusted Ca Or Cloudflare Origin Ca Certificate On The Server”

Moreover, use the feature “Always Use HTTPS” to make all the HTTP requests to HTTPS requests properly.

Always Use Https Cloudflare Feature To Make Http To Https Requests

Setup Redirect from HTTP to HTTPS

If your hosting provider doesn’t provide this feature, then you can use a plugin called “Really Simple SSL” to enable redirection from HTTP to HTTPS, so all your URLs start with HTTPS.

Install and activate Really Simple SSL plugin, and it will check if your site has an active SSL certificate. It will also provide you recommendations based on your content before you activate SSL using it.

Take a backup, and then click on the button “Go ahead, activate SSL” to activate SSL for your site, and BOOM, you’ve successfully activated SSL for your WordPress website or blog.

Active Ssl Using Really Simple Ssl WordPress Plugin
Activating Ssl Using Really Simple Ssl WordPress Plugin.

Once the SSL is activated, make sure that all your URLs start with HTTPS instead of HTTP, and even if one of your URLs begins with HTTP, then web browsers will treat it as non-secure or partially secure.

The good thing is if you use the Really Simple SSL plugin, then it takes care of that.

I hope this article helped you, but if you face any trouble, you can ask me in the comments section below or contact me directly, and I’d be more than happy to guide you through the process. 🙂

If you liked this article, please share it with your friends and subscribe to the How-To WP Newsletter below to get the latest WordPress tips, tricks, and how-to tutorials directly into your inbox.

Why Is SSL Important

There are many reasons which indicate the importance of SSL for a website, and I’ll list a few of them below, and I believe they will be more than enough for you to consider SSL and set up a free SSL for your website today.

  • Improve Security. SSL (or HTTPS) improves the security of your website. The hackers cannot manipulate the data since the communications between the end-user and the server are protected.
Http Vs Https
Http Vs Https
  • Boosts Conversions. SSL increases your website trust and boosts conversions. When a user looks at the green padlock, it boosts trust and credibility. Fitness Footwear, the largest footwear retailer in the UK, saw a whopping 13% conversion boost when they enabled the SSL. If anyone else thinks that non-SSL websites can achieve the same feet, then they are sorely mistaken.
Ssl Boosts Conversions
  • Better SEO Ranking. SSL-enabled websites enjoy better rankings as Google announced in 2014 that HTTPS, aka SSL, would be a ranking factor. There are several other things that also affect the SEO of the website (Such as backlinks, On-page, etc.), but without the SSL certificate, they don’t matter.
Google Announced Https / Ssl A Ranking Factor In 2014
Google Announced Https / Ssl A Ranking Factor In 2014

Do You Need an SSL Certificate

Now you may be asking yourself, “How much of a difference can the SSL certificate can make and do I really need it?” To keep it short and simple, “Yes, you do need an SSL certificate.”

Due to the reasons I mentioned above, I think every website should have SSL activated, be it a social media website, a forum, an e-commerce store, a membership site, or a simple blog.

Having an SSL certificate will create a positive impression of your brand among your users and audience.

Moreover, your users will feel safe and secure when they land on your website, and if you require users to log in or accept payments on your website, they won’t hesitate to input their important information if SSL is enabled on your website.

But if your website is not using the SSL, then popular web browsers like Google Chrome and Opera will show “Not Secure” at the start of your website address in the address bar, and you might lose credibility with potential customers.

Ssl Certificate Not Secure
This “Not Secure” Sign Will Hurt Your Brand Image, And It Will Also Reduce The User’S Trust In Your Website


Getting a free SSL certificate for your WordPress website is easy. You can use Let’s Encrypt, Cloudflare, or your web host’s SSL tools to add HTTPS to your site. This protects your visitors’ data, helps your search rankings, and makes your site seem more trustworthy.

As you have seen, the process is relatively simple and can be completed in just a few steps. With the help of the screenshots and detailed instructions provided, you can secure your website with HTTPS and enjoy the benefits of enhanced security and improved user trust.

Note: With cybersecurity being so important these days, using a free SSL certificate is a wise move that will benefit your WordPress site.

Frequently Asked Questions (FAQs)

How do I add free SSL to WordPress?

The best places to get free SSL are Cloudflare and Let’s Encrypt. Cloudflare SSL is for 15 years, while Let’s Encrypt SSL is only suitable for 90 days.

How can I get free SSL hosting?

The most common way is to find a hosting that provides a free SSL certificate for WordPress like Siteground, Kinsta, and WP Engine.

How much does an SSL certificate cost?

An SSL certificate from Let’s Encrypt costs $0. It costs anywhere between $60 to $3000 per year for an SSL certificate from any other Certificate Authority.

Does GoDaddy offer free SSL?

No, GoDaddy doesn’t offer a free SSL certificate for WordPress, but you can install them using Cloudflare and Let’s Encrypt. And the other way is to use their managed WordPress service to get the SSL certificate.

Subscribe to our Monthly Newsletter

Get monthly updates of WordPress tips, tricks, and tutorials in your email.

Thanks. You have successfully subscribed.

Similar Posts