Security on the internet is in jeopardy and the threat won’t be going away any time soon. Naturally, Google has a vested interest in keeping the entirety of the internet safe, underscored by the most recent security updates rolled out in the latest version of Chrome.

Chrome has long used Visual cues to let visitors know when a page is unencrypted or infected. The circle ‘i‘ icon has been a fixture of the browser for years now. But with the release of version 56, pages with a login or credit card form will now display the words ‘Not secure’ next to the domain. Here’s an example of a login page with the new warning:

For security nerds like us, we welcome the change. But for webmasters and businesses, there are some pretty dramatic consequences for failing to protect their domain. On the flip side, installing an SSL certificate is a easy and the benefits include better search rank and improved site reputation.

It used to be that SSL’s were reserved for ecommerce sites, particularly at the point of checkout. The increasing threat of malware and phishing scams has mandated a more robust defense. Now it is common practice to protect all pages of your website regardless of the type and volume of visitors to your site.

If your website is unencrypted you should also consider how your search rank is affected. Google has confirmed they will prioritize websites that are encrypted over those that are not. This fact alone makes installing an SSL worth the effort.

Building trust with your audience:

An SSL certificate helps you convey that you operate “above board”, which goes a long way to build trust with your audience. Most major browsers use visual cues similar to Chrome to help visitors make a decision about who they should trust on the internet. Logically, the more a visitor “trusts” you, the more likely they are to purchase your products or opt-into your newsletter. Likewise you can take the added step of including a Trust Seal on the website itself, a further visual cue to establish trust.

How does an SSL work?

An SSL certificate is a digital certificate that authenticates the identity of a website, and encrypts information sent to the server using Secure Socket Layer (SSL) technology. It is essential to encrypt all information sent over the internet, which is easily intercepted if it is not.

Free and paid SSL options:

First, determine what type of certificate may be required bast on your security. This decision often boils down to the types of information you handle. If you’re not transmitting especially sensitive information, a free certificate may suffice. It’s a good idea to have this discussion with your web host to get their recommendation. For ecommerce, healthcare and other regulated businesses, security precautions are a top priority. so an SSL with the appropriate level of encryption will be needed to protect sensitive customer data and also meet compliance mandates like PCI, HIPPA and Sarbanes Oxley.

Installing and configuring an SSL on WordPress:

After you’ve procured a free or paid SSL you will need to install it. WordPress has a variety of plugins available for installing an SSL certificate including Really Simple SSL, WP Force SSL, and for Cloudflare customers can download a convenient WordPress plugin to automatically install and configure your SSL.

Then you’ll want to adjust your domain settings on WordPress to reflect the new HTTPS prefix, ensuring this change applies to all pages on your domain. This can be done via your Settings in the WordPress dashboard, or directly in your .htaccess file.

Finally you’ll want to address any issues related to redirects and redirect loops. For seasoned WordPress developers, this process is relatively straight-forward. But it is one that is best handled by a professional.

A “Mixed Content” warning means something still isn’t encrypted:

After installing an SSL certificate some of your content still may not encrypted, known as a “mixed content” error. This is a common issue that may require troubleshooting. There are links to all different types of content within the framework of your website, including images, javascripts and related content. All links must be protected to achieve the coveted Secure badge next to your domain:


If you want to maintain the confidence of your website visitors, and maintain or improve your search rank, be sure to get your SSL in place ASAP. It’s an essential step in the ongoing struggle to protect website visitors from malware and our website assets. You can be sure Google and other’s will continue to influence these trends, so why not get ahead of the curve.

Your 24/7 Security Advocate

If you’re looking for assistance, look no further than WP Always. We have over 9 years providing exemplary WordPress development services, and security is at the heart of our mission. Do you need an SSL Certificate installed? You can purchase a package here, or call us to discuss your options further. We’ll have your site secured within 48 hours.

About WP Always

WP Always. provides a full spectrum of WordPress Development services including, flat-rate security & maintenance packages, malware removal, and everything from one-off maintenance work to full-scale development. Call (877) 869-4003, or email

Install my WordPress SSL please!