FLASH SALE Get 20% OFF everything using the coupon code: FLASH20 View Pricing Plans →

How to Switch From HTTP to HTTPS in WordPress With a Free SSL Certificate

How to Switch From HTTP to HTTPS in WordPress

Looking for a way to protect user data on your site? Switch your WordPress site from HTTP to HTTPS.

While you may be familiar with HTTP and how it’s used to protect site data from being accessible, it’s not the most secure way to protect your site’s data. This is because HTTP uses plain text to send data over the internet. This means anyone can read important data such as credit card information, passwords, or sensitive account information.

To prevent this, you can use HTTPS or switch your existing HTTP site to HTTPS which is fully encrypted and much more secure. On top of this, Google gives websites that have encrypted connections a sizable boost in SEO ranking. This way, you not only make your site more secure but also enhance visibility in search engine results.

In this post, we’ll dive deeper into the usefulness of HTTPS and see how to switch from HTTP to HTTPS in WordPress with a free SSL certificate.

What is HTTPS/SSL and why do you need it?

HTTPS (also known as HTTP SSL) is a form of encryption method for websites that want to protect their site’s crucial data from hackers or unauthorized users. The “S” represents the SSL certificate which is essentially a way to tell browsers that your site is safe and secure while also enabling you to accept payments online.

While most paid SSL certificates can cost a fortune, it’s not necessarily the only option to switch your site from HTTP to HTTPS as you can get one for free. This way, your site will have its own unique SSL certificate that will be validated by browsers when users want to access your site, without having to pay or allocate your business’ budget towards purchasing an SSL certificate.

Let’s take a closer look at some other reasons why HTTPS is important for sites that handle user data:

  • Security. One of the major benefits of using HTTPS is the security and protection it offers. This way, hackers or fraudsters cannot access your site’s crucial user data such as payment information or profile pictures. This not only helps offer a more secure browsing experience on your site but is also essential if you want to accept online payments directly from your site. Without it, most users will not feel comfortable adding their payment information and checkout from your online store.
  • Improve brand image. If you’re promoting or offering a safe and secure browsing experience on your site, HTTPS helps you improve your brand image. If your site doesn’t use a secure connection, anyone using the popular Google Chrome browser will see your website as flagged for a security risk. With an HTTPS site, your site visitors will have an easier time entering their personal information and creating an account or adding their credit card information to purchase products without having to worry about security or their data getting hacked.
  • Enhance SEO. Just like we mentioned earlier, Google rewards sites that use encrypted connections such as HTTPS to protect site data with a boost in SEO rankings. This can help your site’s content appear higher in users’ SERPs and increase site traffic.

While HTTPS is crucial for making sure your website is safe and secure, it also impacts your site’s SEO rankings. Anyone who uses the Google Chrome browser will be able to tell that your site is not secure and doesn’t use SSL certification. This not only causes a bad impression but also makes it more likely for site visitors to bounce off your site’s landing page.

This can be less than ideal, especially if you run an online store and want to accept payments from your customers online. Most popular payment methods such as Stripe, PayPal, and Authorize.net require your site to use an encrypted connection or SSL certification before you can start accepting payments.

Protecting user data on your site is highly important if you’re looking to create a professional site that doesn’t get “red-flagged” by browsers and offers a secure browsing experience as well as preventing any risk of data loss.

How to add an SSL certificate for free on your WordPress site

While the common misconception about using an encrypted connection for your site is that it is costly or expensive, we’ll show you two great ways to add an SSL certificate on your WordPress site completely for free.

Method #1: Choose a hosting provider that offers free SSL certificates

One of the best ways to get a free SSL certificate for your WordPress site is to choose a WordPress hosting provider that offers free SSL certificates with their hosting plans. A great example of this would be SiteGround as all websites created through their platform are fully SSL encrypted and protected by default. This way, you don’t have to worry about paying extra for SSL encryption and then worrying about installing the certificate on your WordPress site yourself.

Once you create a website with SiteGround, within 72 hours your site will automatically be encrypted with SSL certification. To check whether your site has been successfully HTTPS converted, head on over to Site Tools → Security → SSL Manager from the SiteGround dashboard.

SiteGround HTTP to HTTPS

This will display a list of all issued and activated SSL certificates for your sites. If you cannot see the “Active” status for your automatic SSL activation, you can issue one manually yourself as well. To do this, navigate to Security → SSL Manager and click on the Install New SSL button.

Install new SSL certificate

Select your domain using the dropdown menu and choose Lets Encrypt before clicking on the Get button to continue.

Once you get the SSL encryption from SiteGround, it’s important to configure your WordPress site so it works perfectly with your SSL certification. The best way to do this is by using the SiteGround Optimizer plugin for WordPress. Once you activate the plugin, navigate to SG Optimizer → Environment from the WordPress admin panel.

SiteGround Optimizer environment

Activate the HTTPS Enforce checkbox and click on the Save changes button to continue. This will ensure HTTPS is working perfectly on your WordPress site. To further make sure everything is in order, we can use the Really Simple SSL plugin.

HTTPS Enforce

Once you activate it, the plugin will check whether your SSL certificate is enabled and is working properly on your WordPress site or not. In addition to this, it will also fix the mixed content error that is most commonly caused by using HTTP on your site.

Method #2: Generate a free SSL certificate with Zero SSL

Another way to get a free SSL certificate is with Zero SSL. The free version of Zero SSL lets you add SSL certification to your site for free without any hidden costs. However, the only downside is that you will have to manually reactivate the free SSL certificate after every 90 days.

After creating a free account for Zero SSL, you can generate the SSL certificate and install it on your WordPress site. To get started, navigate to the New Certificate page using the Zero SSL dashboard.

New SSL certificate

Once you enter your domain name, click on the Next Step button to continue.

Free 90 day SSL certificate

Choose the 90-Day Certificate option before moving on to the next step.


You can also choose to automatically generate CSR and contact information for your SSL certificate.

The final step requires you to choose your payment plan. Select the Free plan and click on the Next Step button for the last time to create a new SSL certificate for your website.

Now, to make sure the new SSL certificate works perfectly with your WordPress site, you will need to install the Really Simple SSL plugin. Once you activate the plugin, it will automatically update your site’s URLs and ensure all site visitors are redirected to your new HTTPS URL.


HTTP has become redundant in the past couple of years, especially after Google announced that all websites without HTTPS will be declared as “not secure”. On top of this, HTTPS ensures all your site data is fully secure and prevents hackers from stealing important user data.

While premium SSL certification is not budget-friendly, you can still get away without paying for an SSL certificate for your HTTP site. For instance, you can use a hosting provider that offers free SSL such as SiteGround. Or, if you don’t have to migrate to a different hosting provider, you can use Zero SSL and use their 90-day free SSL certificate on your WordPress site.

Do you have any questions about how to switch from HTTP to HTTPS in WordPress for free? Let us know in the comments box below.

Related Posts

Subscribe to the WPZOOM newsletter.

Join 150,000 people. Get our latest news & releases delivered to your inbox.

Leave a Reply