My hosting company finally got around to enabling Let’s Encrypt SSL certificates. I’d been nagging for at least a year.
I managed to move ALL my sites to SSL for free (apart from the ones I’d already bought certificates for), in one morning.
All I did was enable Let’s Encrypt for each site in turn, in PLESK, take the default options, and then use the “Really Simple SSL” WordPress plugin.
That’s it. Sorted. For Free. If your hosting company doesn’t support Let’s Encrypt, MOVE.
REMEMBER: Google promotes encrypted sites above others in search results. Chrome marks unencrypted sites as “Not secure”. You don’t want that.
I recently needed to upgrade an existing wordpress site to SSL/https:.
This was made more complicated by the fact that it was on a shared hosting server, AND used cloudflare CDN.
This should have been simple:
Except it didn’t work.
I couldn’t get it to reliably use https:// or redirect http://website.com or http://www.website.com
Eventually, after raising tickets with Cloudflare and The hosting company, I found a plugin called “Really Simple SSL”.
This configured wordpress to use https AND rewrote the htaccess file to do the redirects. In the end I had to manually edit the file as my htaccess file is secured, but at least they gave me the code to do that.
I left the cloudflare CDN SSL setting as “flexible”, as anything else caused problems.