WordPress and SSL

If you have a WordPress website, you may be especially vulnerable to attacks by hackers.

Out of several million websites hacked in one year, almost 75% of those sites were based on WordPress. This is not surprising because of the massive number of WordPress-based websites that exist, and because every plugin that is installed is a potential access point for hackers to gain entrance.

So if you have a WordPress website, it is vital that you get SSL installed as quickly as possible. You want to protect yourself, your website and your customers from the devastation which can be caused by a hacker who decides to target your site.

On  December 1, 2016, Matt Mullenweg (developer of WordPress) announced that WordPress is pushing for greater security measures for wordpress sites.

WordPress will also be limiting critical features (such as API authentication) to only those websites that have implemented an SSL Certificate.

It only makes sense to implement SSL immediately so you can have the greatest possible advantage available to you as you compete for customers.

WordPress has also stopped promoting all their hosting partners unless they automatically issue an SSL Certificate to all their users by default.

Some more reading that you will find helpful:

Google Chrome SSL certificate proposal could affect millions of websites

Last year, the developers behind Google’s Chrome browser began taking steps designed to protect users and encourage companies to use HTTPS.

But now, potentially millions of websites that use SSL certificates issued by Symantec and affiliated resellers could find that their certificates are effectively worthless as far as Chrome is concerned, after a member of the Chrome team published a proposal that would make them untrusted over the next 12 months.

The reason? According to the Google Chrome team, Symantec has not properly validated thousands of certificates. In fact, the Chrome team claims that “an initial set of reportedly 127 [misissued] certificates has expanded to include at least 30,000 [misissued] certificates, issued over a period spanning several years.”…Read More

Do I Need an SSL Certificate On My WordPress Website?

With a market share north of 28%, WordPress is a popular tool powering up lots of business websites. Yet, its popularity makes it an ever-more interesting target for hackers and malicious attacks, both of which can erode consumer confidence and leave you stuck with no traffic and falling sales.

Security should never be taken for granted, no matter how “big” or “famous” your website is. Actually, there are several ways and best practices to improve the security level of your website.

When people talk about security, they usually bring on the table another term that unfortunately has very little to do with a website’s level of security: I’m talking about SSL certificates. The misconception relies on a wrong idea on how these SSL certificates actually work and relate with security.

In this post, and thanks to an experienced security expert, I’ll explain the nitty gritty important details around SSL certificates, leaving out all the technicalities and “obscure” lingo that usually comes when talking about this topic…Read More

What to do After Installing SSL Certificate on Your WordPress Website

It’s one of the sensitive topics these days and people are really worried about their non-HTTPS websites. Many people have enabled it but don’t know what to do after installing SSL certificate.

As I have discussed before, you can also enable SSL using your Inmotion Hosting account if you’re their customer. It’s just like any other web hosting.

But the point occurs as if what would you do if you use CloudFlare or your web hosting and fail to apply the SSL accurately.

Most of the times, people fail because of their existing content. In this article, you will learn the things you should do to fix everything…Read More