Lifetime SSL solution & Security - Install free SSL certificate & enable HTTPS redirect, HTTPS mail, fix SSL errors, SSL score, SSL details &a …
HTTPS Secure your WordPress site with SSL certificate provided by Let’s Encrypt® and force SSL / HTTPS sitewide, check your SSL score, fix insecure content & mixed content issues easily. Enable HTTPS secure padlock on your site within minutes.
WP Encryption plugin registers your site, verifies your domain, generates SSL certificate for your site in simple mouse clicks without the need of any technical knowledge.
A typical SSL installation without WP Encryption would require you to generate CSR, prove domain ownership, provide your bussiness data and deal with many more technical tasks!.
(V7.0) NEW Vulnerability Scanner + Security page – Enable important security protocols to safeguard your site.
Linux hosting, OpenSSL, CURL, allow_url_fopen should be enabled.
(Optional) Running WordPress on a specialized VPS/Dedicated server without cPanel? You can download the generated SSL certificate files easily via “Download SSL Certificates” page and install it on your server by modifying server config file via SSH access as explained in our DOCS.
Navigate to SSL Health & Security page and run the vulnerability scanner to scan your WordPress, Plugins and Themes for known vulnerabilities. Keep everything updated to stay secure.
Safeguard your site from cross-site scripting attacks, clickjacking, MIME sniffing attacks.
Secure HTTPS browser padlock in minutes.
Free domain validated (DV) SSL certificates are provided by Let’s Encrypt (A non profit Global certificate Authority).
SSL encryption ensures protection against man-in-middle attacks by securely encrypting the data transfer between client and your server.
SEO Benefit: Major search engines like Google ranks SSL enabled sites higher compared to non SSL sites. Thus bringing more organic traffic for your site.
Data Encryption: Data transmission between server and visitor are securely encrypted on a SSL site thus avoiding any data hijacks in-between the transmission(Ex: personal information, credit card information).
Trust: Google chrome shows non-SSL sites as ‘insecure’, bringing a feel of insecurity in website visitors.
Authentic: HTTPS green padlock represents symbol of trust, authenticity and security.
Many thanks to the generous efforts of our translators.
If you would like to translate plugin to your language, Feel free to sign up and start translating!
If you find this plugin useful, please leave a positive review. Your reviews are our biggest motivation for further development of plugin.
WP Encryption uses SSLLabs API for SSL scan & detection. By using the plugin, you agree to terms & conditions of SSLLabs
By enabling the Vulnerability Scan feature, you agree to terms & conditions of WPVulnerability Database API. The information provided by the information database comes from different sources that have been reviewed by third parties. There is no liability of any kind for the information.
Security is an important subject regarding SSL/TLS certificates, of course. It is obvious that your private key, stored on your web server, should never be accessible from the web. When the plugin created the keys directory for the first time, it will store a .htaccess file in this directory, denying all visitors. Always make sure yourself your keys aren’t accessible from the web! We are in no way responsible if your private keys go public. If this does happen, the easiest solution is to check folder permissions on your server and make sure public access is forbidden for root folders. Next, create a new certificate.
SSL Health & Security page with realtime SSL score
Generate and Install free SSL certificate while Agreeing to TOS
SSL certificate generation successful message
Download/Copy generated SSL certificate & key
Force HTTPS via htaccess or WordPress method
Mixed Content Scanner to identify insecure contents on HTTPS site
Installing SSL certificate is a server side process and not as straight forward as installing a ready widget and using it instantly. You will have to follow some simple steps to install SSL for your WordPress site. Our plugin acts like a tool to generate and install SSL for your WordPress site. On FREE version of plugin – You should manually go through the SSL certificate installation process following the simple video tutorial. Whereas, the SSL certificates are easily generated by our plugin by running a simple SSL generation form.
By adding below line of code to your wp-config.php file, All SSL enforcements like HSTS, Upgrade insecure requests, redirect to HTTPS, mixed content fixer will be disabled. Please check your .htaccess file for any other HTTPS enforcement related codes and remove it.
define(“WPLE_DISABLE_HTTPS”);
If you already have SSL certificate installed, You can use WP Encryption plugin purely for HTTPS redirection & SSL enforcing purpose. All you need to do is enable “Force HTTPS” feature in this plugin.
Starting from WP Encryption v5.4.8, you can now secure your webmail & incoming/outgoing email server following this guide
First of all, Please make sure you can access your site with and without www. Otherwise you will be not able to complete domain verification for both www & non-www together. If both are accessible, You will see “Generate SSL for both www & non-www” option on SSL install form. Otherwise, this option will be hidden.
Please make sure you can access your site with and without www. Otherwise you will be not able to complete domain verification for both www & non-www together. You can also force enable this checkbox by appending includewww=1 to page url i.e., /wp-admin/admin.php?page=wp_encryption&includewww=1
Images on your site might be loading over http:// protocol, please enable “Force HTTPS via WordPress” feature of WP Encryption. If you have Elementor page builder installed, please go to Elementor > Tools > Replace URL and replace your http:// site url with https://. Make sure you have SSL certificates installed and browser padlock shows certificate as valid before forcing these https measures. If you have too many mixed content errors because of http:// resources loaded in your css, js or external links, We recommend using “Really Simple SSL” plugin along with WP Encryption.
You can click on STEP 1 in progress bar or Renew SSL button (which will be enabled during last 30 days of SSL expiry date) and follow the same initial process of SSL certificate generation to renew the certificates.
Wildcard SSL support is included with PRO version
This might happen for non cPanel sites, all you need to do is reboot the server instance once.
Please follow the revert back instructions given in support thread – Forced SSL via Htaccess and support thread – Forced SSL via WordPress accordingly.
Feel free to open a ticket in this plugin support form and we will try our best to resolve your issue.
You don’t need to configure anything. Once after you upgrade to PRO version and activate PRO plugin on your site, the auto renewal of SSL certificates will start working in background according to 60 days schedule i.e., 30 days prior to SSL certificate expiry date.
If your site built with Elementor is showing insecure https padlock even if SSL certificate is properly installed & valid, it could be due to insecure http:// assets being loaded in page builder blocks like image block. Please go to Elementor > Tools > Replace URL and replace http://yoursite.com with https://yoursite.com