You need an SSL Certificate on your WordPress website. Even if you aren’t taking card numbers or having login pages where people enter usernames and passwords, the Google search algorithm prioritizes sites with an SSL certificate.
Google feels so strongly about sites having SSL that now any sites that do not have them display a not secure warning in the Google Chrome browser. Where sites that offer SSL will display the lock icon. Google has been shifting the narrative of SSL.
Why do I need an SSL Certificate?
From something you use for extra security to being the new standard, your site is suppressed in the algorithm and labelled as not secure if you don’t have one. So yes, there’s no way to spin it. Your website needs an SSL certificate.
Now recently, when I did my GoDaddy web hosting review, I saw that they are charging 667 a month for an SSL certificate. Some people pay at least something for an SSL certificate because they know it’s a priority, and they figure it just costs money.
Well, in the past, it did. It wasn’t unreasonable to pay 10 plus dollars per year for an SSL certificate. But today, there is little reason to pay for SSL.
Hosts that provide a free SSL:
That’s mainly thanks to Let’s Encrypt, a nonprofit certificate authority providing free SSL certificates to everyone. Many web hosts I recommend already work directly with Let’s Encrypt to give you free SSL certificates for your website. Hosts like Namehero, WPengine, and DreamHost.
Offer direct integration with Let’s Encrypt, so you can click a button in your panel and get your free SSL certificate. Still, a lot of hosts don’t offer integration for this. For some hosts, it’s because they haven’t gotten around to adding it yet.
And for others, and this is the big reason, it’s because they would rather sell you an SSL certificate and make more money. And that’s just the sad truth of the hosting industry. But there’s actually a workaround to this problem. And that’s to use Cloudflare.
What is Cloudflare?
Cloudflare is a free content delivery network, security firewall, and external DNS system that I’ve talked about before on this channel. It’s totally free to use, and they actually offer several options to get SSL on your website for free, even for hosts that don’t support Let’s Encrypt.
Just by setting up CloudFlare with your website, you can use what’s called flexible SSL. This is where traffic is encrypted from the Cloudflare servers to your browser, sufficient for the browser and Google.
To recognize your site as secure and present the lock icon. This free protection method is easy to set up and is legitimate if you’re using SSL to display the lock and satisfy the Google algorithm. But if you are taking card numbers or having a member login area on your website.
I would recommend having a full SSL solution. This is where all the traffic from your web host through Cloudflare and the browser is fully encrypted. This is the type of full SSL you receive for free.