The use of ssl (https) on a website, for example, is a powerful security measure to protect members’ information on any membership site. It can also prevent (through specific channels) the leakage of login IDs and passwords of WordPress site administrators.
Furthermore, it is said that search engines will (or already do) give preferential treatment to URLs that begin with https, which is also useful for SEO.
What is ssl (https)?
Information on the Internet is delivered to end-users via various servers, which are computers connected to each other around the world. The information on the site, as well as IDs and passwords, are actually transmitted between computers by intermediaries. ssl is simply a technology that encrypts and hides what data is being sent to these intermediaries.
When you ssl (https) your site, only you and the server where your site is located can know what information your end users send and receive.
Get an ssl certificate for cheap
To enable your site to communicate via ssl, you must first obtain an ssl certificate, a file in which a third party guarantees that your site is communicating properly and securely, along with proof of ownership.
Although ssl certificates are generally considered expensive, they can actually be obtained from overseas services for less than ¥1,000 per year. WordPress Doctor can obtain an ssl certificate at a low cost and install it on your server.
Install an ssl certificate on your server
Installing an ssl certificate on your server is a somewhat more difficult task. Each server management company has its own method, but here is a rough guide to installing certificates.
Create a CSR on your server (this is the document that identifies you as the owner of the server and contains the encryption key).
Submit the CSR to the Certificate Authority and obtain an intermediate certificate and the main body of the certificate (this is where your key is linked to the third-party organization).
Finally, the intermediate certificate and the certificate itself are installed on your server.
If you are using sakura internet, please refer to this page for more details.
Redirect the WordPress homepage to the ssl page
Finally, we will explain the settings to be made on the WordPress side in order to ssl the entire WordPress site. First, go to Settings -> General and set all site addresses to https.
Also, install a plugin such as Really simple ssl to redirect users to https pages on all pages when they access via http.