A month ago we made the first step to increase the adoption rate of SSL certificates amongst our customers by starting to issue automatically Let's Encrypt certificates for all domains hosted on our servers. However, there still remained a manual step to configure all applications to use the certificates we've made available. We knew that if we really wanted to see a rise in the HTTPS usage we not only needed to provide the SSLs, but also make it easy for our clients to implement them. Today we are happy to announce that we have achieved this second goal for a large group of our customers -- the WordPress users.
What does it normally take to make a WP site run via HTTPS properly?
In order to make your WordPress site run over HTTPS you typically have to do several things: install an SSL on your hosting account, add some lines to your .htaccess file to force the SSL usage and then identify and fix mixed content issues.
What does it take now to make a WP site run HTTPS properly on SiteGround?
The answer is: no additional actions needed for newly installed WordPress applications, and a single click for already active sites.
New WordPress installs already run via HTTPS out of the box.
All new WordPress installations completed on our servers via Softaculous or via our setup Wizard now use the automatically installed Let’s Encrypt SSL and run through HTTPS by default.
Existing WordPress installs can be switched to HTTPS with a single click
This magical “Force HTTPS” click can be made in our freshly extended WordPress plugin. It was formerly known as SG CachePress and was used to configure our in-house WordPress cache system - the SuperCacher. However, the plugin is now called SG Optimizer and includes the option to force HTTPS on your WordPress application. Switching it on will automatically configure WordPress to use the already installed by us SSL. It also forces all the traffic to go through encrypted connection to avoid any possible duplicate content issues you may experience because of having both http and https versions of your site available. Furthermore, you don't have to manually fix all those resources, you've included to your posts, pages, widgets and even the theme through http, as the plugin will automatically detect and fix them.
So, WordPress users, wait no more! Make your site HTTPS ready now! If you already have SG CachePress installed, just update it to the new extended version through your WP-admin and click the HTTPS force button. Otherwise, you can download the plugin from this link.
This is not our last step toward making HTTPS universally used. We are already working on an easy switch on server level that will work for any site hosted on our servers. Stay tuned.