Bluehost is one of the top web hosts for running WordPress-based blogs & websites.
They are also one of ShoutMeLoud’s recommended WordPress hosting companies. In the past, I have shared many tutorials to help you use and get the most out of Bluehost hosting.
Here are some of the popular ones:
In today’s exclusive tutorial, you will be learning how to use a free SSL certificate with your Bluehost hosting. Using this guide, you will be migrating your WordPress blog from HTTP to HTTPS.
According to Google, using SSL is one of the positive ranking factors. Moreover, SSL adds a higher trust level to your blog.
When it comes to SSL certificates, you have the option of using free ones as well as paid ones.
Before we move ahead, let’s get to know a little more about SSL certificates so that you will know what you are doing.
First of all, there are various types of SSL certificates.
For an information-based site (like a blog), you are good using a free SSL certificate.
The most popular company for issuing free SSL certificates is Let’sEncrypt. They have completely changed the model of SSL certificates, and they have made it easier for individuals like you & me to start using SSL certificates without paying a dime.
However, when you are running an e-commerce platform or transaction based site, you might consider using an EV (Extended Validation) or OV (Organization Validation) certificate that you can only get from a paid provider.
In this tutorial, I will be sharing all the steps you need to follow to start using a free SSL certificate for your WordPress blog hosted on Bluehost hosting.
Do remember, this is an important task & you should have at least one hour to implement everything. After moving your site to HTTPS, you need to do a few other things to ensure your traffic doesn’t get affected, so you will need to make sure you have enough time set aside.
Are you ready?
Complete Tutorial On How To Use A Free SSL Certificate On Bluehost Hosting For WordPress
Note: Before you start following the steps, make sure you disable your Who.Is guard & your domain’s Who.Is information is updated. You only need to do it for a few hours as sometime Bluehost sends email for validating domain ownership.
Once you have successfully activated the SSL certificate, you can enable the Who.Is guard for your domain again.
With that, let’s get started with this epic guide…
So Bluehost now offers a free SSL certificate for their users directly from the Bluehost cPanel. To start using it, log into your Bluehost cPanel & click on WordPress tools at the top.
Click on Security to access the SSL options panel.
In front of “Free SSL Certificate”, toggle the button to On. This will start installing the free SSL certificate on your Bluehost hosting account.
You might see a pending notice & this message:
“Working on it…
We’re setting up your SSL – this may take a few hours. In some situations, we may need you to take action. If so, you’ll receive an email with instructions. For now, feel free to start exploring WordPress or jump into building your website.”
You will also get an email from the Bluehost billing team about your free SSL certificate purchase.
In my case, I let the page work for 45 minutes & it was still loading. Eventually, I reloaded the page & had to re-toggle the “Free SSL certificate” button to On.
This time, within 5 minutes, the page stopped loading & I got the final screen.
This means the free SSL certificate has been installed on the domain & now we can migrate our site from HTTP to HTTPS.
It’s a good idea to use an online SSL checker tool like this to verify if your domain has an active SSL certificate or not.
Here is the result from my test domain after adding the free SSL certificate:
If you are doing this for an existing WordPress site, your real work starts here.
There are a few steps that you need to do to ensure you are properly moving from HTTP to HTTPS. Moreover, you also need to take care of SEO.
However, do not worry, as this tutorial is going to help you with every step to properly migrate to HTTPS.
Moving Your WordPress Site From HTTP To HTTPS
Now after activating the SSL certificate, the next step is to force everything to load on HTTPS & also ensure that the HTTP to HTTPS migration is search engine friendly. If you don’t do this, you might end up losing traffic.
Follow all the below mentioned steps & in the next 10-15 minutes, you will have successfully moved your WordPress blog to HTTPS.
Note: SiteGround, A2Hosting, and Dreamhost users can also take advantage of a free SSL certificate. Just ask your hosting support team to enable a free SSL certificate for you & follow these below-mentioned steps to further finish the migration from HTTP to HTTPS.
Install Really Simple SSL Plugin
When you enable your free SSL certificate on Bluehost hosting, it automatically updates the site’s URL.
However, at this moment, your site is accessible with both the HTTP & HTTPS addresses.
By using the Really Simple SSL WordPress plugin, all of your traffic on HTTP will automatically redirected to HTTPS.
- This is an easy plug & play plugin.
Once you have installed & activated the plugin, you will see a screen like this:
Click on Go ahead, activate SSL!
Edit Your .htaccess File & Add The Code For HTTP To HTTPS Redirection
You also need to add these few lines of code into your WordPress .htaccess file.
You can edit this file using the Yoast SEO plugin or by FTP. Here is a guide to learn more about editing the .htaccess file.
At the beginning or end of the .htaccess file, add:
RewriteCond %HTTPS off
RewriteRule (.*) https://%HTTP_HOST%REQUEST_URI [R=301,L]
Once this is done, you are almost done with moving your WordPress blog to HTTPS.
Update All HTTP URLs In Database To HTTPS Using Really Simple Plugin
The Really Simple SSL plugin + the .htaccess code above will help you redirect all traffic from HTTP to HTTPS. However, it’s a good idea to update all existing links from HTTP to HTTPS.
You can do that using a WordPress plugin called Better Search & Replace.
Install & activate the plugin. Go to Tools > Search & Replace to start using the plugin.
Note: Take a backup of your WordPress database before running this plugin.
Once this is done, you can also install the Broken Link Checker plugin & use its redirection module to find links to 3rd party sites with HTTP that should now be HTTPS.
This is a regular practice that I follow to keep my site’s SEO intact.
Now it’s time to make some changes in your CloudFlare dashboard (or using the CloudFlare WordPress plugin).
Steps For CloudFlare Users
In my earlier blog posts, I have told you to start using CloudFlare as it helps in many ways:
First, log in to your CloudFlare dashboard & go to your domain.
Go to Crypto & under “SSL”, change the settings to Full.
On the same page, scroll down & enable Automatic HTTPS Rewrites.
Now, your HTTP to HTTPS migration is done.
However, you still need to do a couple of quick things:
Well, that’s all! If you have done all the steps mentioned above, give yourself a pat on the back. It’s time to celebrate.
You should also treat me some day for this guide. 🙂
Conclusion: Using Free SSL on Bluehost
The new WordPress tools inside the Bluehost cPanel make it easier for every Bluehost user to enjoy free SSL certificates. However, if you are activating a free SSL for an existing blog, you also need to follow the steps mentioned above to ensure moving from HTTP to HTTPS doesn’t affect your traffic.
For a new blogger who is just starting out, you just need to enable HTTPS as soon as you buy hosting from Bluehost.
You can get hosting from Bluehost here. (Free SSL + PHP 7 + Free Domain)
Now it’s your turn to let me know: How was your migration from HTTP to HTTPS? Did you face any problems & how did you overcome them? Let me know your experience in the comments section below!
Find this tutorial useful? Share it with others who are using Bluehost for their WordPress blog!