How to Implement SSL in WordPress on Shared Hosting, Cloud?

Make your WordPress site accessible over HTTPS by implementing
SSL on cPanel hosting, VPS or Cloud server, Cloudflare,
EasyEngine, Cloudways

Securing website is not an optional and as
important as content, design or SEO. One of the essential tasks
of securing
site is to configure SSL/TLS (Secure Socket Layer/Transport
Layer Security) certificate, so your website is accessible only
through HTTPS.

HTTPS (Hyper Text Transfer Protocol Secure) ensure the data
transaction between a client (browser) to the server is
encrypted. Data could be anything from user
name, email, password or credit card if you are running an online store .

Lately, HTTPS is also included in search ranking
, so it’s not just for e-commerce site but
applicable to all. The good thing is you can get it started in

Glad to see the HTTPS adoption at this rate, half of the web is now
encrypted .

Let’s get into technical details.

You may offload SSL handshake at multiple

  • Web Server
  • Load Balancer
  • Network edge/CDN

The prerequisite for configuring your website accessible over
HTTPS is SSL/TLS certificate.

Let’s encrypt offer FREE certificate, and there are some more
which I mentioned here . And
if you want to buy Symantec, Thawte, GeoTrust,
etc. then you may get it from  SSL Store .

Let’s see the implementation details. The
following I’ve used my test domain ( with
Genesis theme .

As a best practice, take a backup before
making changes so in case something goes wrong, you can roll

Shared Hosting (cPanel)

Most of the top shared hosting like Site Ground , Bluehost offer FREE certificate under all
the plans. If you are hosting your site on cPanel hosting, then
the following steps would help you.

Below example is from Site Ground but should work with any
cPanel hosting provider.

  • Login to Site Ground
  • Go to My Accounts >> Go to cPanel

  • Go to WordPress toolkit under Tools

  • Click Manage under Actions

  • It will open a popup, select Enable SSL
    and change

SiteGround will provision Let’s encrypt certificate for
your domain
and do the necessary modifications in
WordPress, so it’s accessible over HTTPS.

You can validate by accessing your URL with https in the
browser. In my scenario – it would be

This indicates my WordPress site has SSL enabled which is good
but there is a small problem.

The problem is that site is accessible over HTTP and HTTPS both
which is not good and have to do one more configuration change
to ensure all requests are served only over

  • Go to cPanel
  • Scroll down a bit and click Let’s Encrypt
    under Security section

Turn ON HTTPS Enforce & External Link

Congratulation! You’ve successfully enabled
the certificate for your WordPress site hosted on shared
hosting. Verify by accessing few pages to ensure it works as

Note: some of you have reported that
images are not showing as it tries to load
over HTTP. If you are encountering this issue, you can fix by
installing  SSL Insecure Content Fixer
plugin . The default configuration worked for me.

If your hosting provider doesn’t offer free SSL, then you may
want to try out Site Ground .


Personally, I would prefer to have SSL handshake
terminated at network edge
 device or CDN , but it may not
apply to you.

Below instructions are based on Nginx on Ubuntu 16.04
using FREE cert
offered by Let’s Encrypt. However, if
you are using Apache HTTP server then refer this for
traditional cert and
this for let’s encrypt .

apt-get install letsencrypt
  • Generate the certificate for the domain
letsencrypt certonly --webroot -w /var/www/html -d -d

Note: change the --webroot with
your actual DocumentRoot location. In above
command, I’m generating a cert for domain including
www so if someone tries to access using www it
will not give certificate error.

  • It will prompt to enter the email address

  • Accept the terms & condition

It will take few seconds, and you will get a confirmation with
notes including cert

 - If you lose your account credentials, you can recover through
   e-mails sent to  [email protected] 
 - Congratulations! Your certificate and chain have been saved at
   /etc/letsencrypt/live/ Your cert will
   expire on 2017-11-10. To obtain a new version of the certificate in
   the future, simply run Let's Encrypt again.
 - Your account credentials have been saved in your Let's Encrypt
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Let's
   Encrypt so making regular backups of this folder is ideal.
 - If you like Let's Encrypt, please consider supporting our work by:
   Donating to ISRG / Let's Encrypt:
   Donating to EFF:          

Let’s configure Nginx to listen on port 443 and provide
SSL cert

  • Edit the Nginx configuration file
    /etc/nginx/sites-available/default and add the
    following in server block under
    listen directive.
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl_certificate /etc/letsencrypt/live/;
ssl_certificate_key /etc/letsencrypt/live/;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache shared:SSL:15m;
ssl_session_timeout 15m;
service nginx restart

Now, you should be able to access WordPress hosted on VPS
through HTTPS.

In default + above configuration, Nginx is listening on port 80
(HTTP) and 443 (HTTPS) both which means a website is accessible
on both protocol. To ensure all the request is
served over HTTPS, you can install  Really Simple SSL plugin .

  • Once a plugin is installed, Go to Settings and click “Go
    ahead, activate SSL!”

  • Once activated, you will get a confirmation

Verify by accessing a site with http:// and you will notice it
will be redirected to https://. Additionally, you may also want
to test your site for any SSL/TLS
vulnerabilities .

Great! WordPress site is successfully secured
with SSL certificated on Cloud server .


One of the easiest ways to add SSL to a website is through
Cloudflare. Cloudflare offers many performance
& security advantages including FREE SSL

If you are using their service already then here is how you can
enable it quickly.

  • Login to Cloudflare and go to Crypto tab
  • Ensure SSL setting is not Off (Flexible is

  • Scroll down a bit, select ON for
    “Automatic HTTPS Rewrites.”

Easy, isn’t it?

Note: If you notice mixed content issue then you may need to
install Cloudflare Flexible SSL plugin as I

explained here .


I love EasyEngine . One of the quickest and easiest way
to get WordPress running on Cloud server or VPS in less
than 10 minutes.

If you’ve installed WordPress with http:// using EasyEngine
then you can upgrade to https:// with the following command.

Login to EasyEngine server and execute below command

ee site update --letsencrypt

For ex:

 [email protected] :~# ee site update --letsencrypt
Letsencrypt is currently in beta phase. 
Do you wish to enable SSl now for
Type "y" to continue [n]:y
Downloading LetsEncrypt          [Done]
Please Wait while we fetch SSL Certificate for your site.
It may take time depending upon network.
Let's Encrypt successfully setup for your site
Your certificate and chain have been saved at /etc/letsencrypt/live/
Configuring Nginx SSL configuration
Adding /var/www/
Adding /etc/nginx/conf.d/
Added HTTPS Force Redirection for Site
Creating Cron Job for cert auto-renewal
Reload : nginx     [OK]
Congratulations! Successfully Configured SSl for Site
Your cert will expire within 89 days.
 [email protected] :~#

Just one simple command and you are done.


Cloudways is fantastic for managing
cloud hosted platform. You can launch your website on
Google Cloud Platform, AWS, Kyup, Vultr &
from a central platform.

To enable Let’s encrypt free SSL certificate on WordPress site
managed through Cloudways, you got to do the following.

Login to Cloudways platform >> Applications

Select the WP site >> SSL Certificate

Enter your email & domain name and click
“Install Certificate.”

It will take few minutes and once done; you should see it has
successfully enabled on the domain name.

The good thing is you don’t have to worry about certificate
renewal as Cloudways take care auto-renewal

Cloudways offer a FREE trial , so you can give
a try to see how it works for you.

So that was all for today about implementing SSL/TLS
certificate correctly in WordPress
. I hope this helps.


Leave a Reply

%d bloggers like this: