Security is essential in everything we do in life. At least, it puts us at ease.
For a website, it makes users feel at ease as they navigate your web pages, and bots like that too.
When I was developing sodiqajala.me, I paid no attention to security. In fact, the hosting service asked me to check a box for that SSL thingy, when I did, pricing was added, so I unchecked the box.
In my tech SEO journey, I recently figured out that security is more psychological than what it does in itself.
What I mean is that, no matter how authoritative, truth worthy, or expert-centered your website is, if your website isn’t secured, your user will gradually exit your site.
They will perceive you as fraudulent.
And if they manage to stay because of your outstanding content, they wouldn’t move to a transactional state with you.
So, what’s the use of your website if it doesn’t lead to conversation or increased sales.
Recently, I audited a client’s website and everything looked good, but I was concerned about the security score, it was just 77%. Though I’m not a perfectionist, I like things done pretty well.
I tweeted about the security issue and was lucky to get a response from Tech SEO experts and Sitebulb: the tool I used for the web crawl.
Sitebulb said, “Don’t sweat the security stuff unless it’s a site with lots of personal and sensitive data.”
I checked the site again and confirmed there’s no sensitive data therein, so, I focused on what will drive the most impact.
And on my websites, SodiqAjala.me and PristineSACC.com, I don’t have the slightest sensitive data, even my phone number, I need not sweat?
But because security is essential. And like me, you might want to un-check the security box because of cost, here’s how to secure your site for free.
When you check the URL of your unsecured website, you’ll see something like the screenshot below:
That shows that your website is not secured.
Your goal is to change it to something like this:
And you can achieve this with an SSL. In these 5 steps, you can secure your website too, just like I did for sodiqajala.me and PristineSACC.com.
How to get an SSL?
1. Create an account on Cloudflare
Cloudflare is a website that gives free SSL to websites. So, head over to cloudflare.com, and create an account. Click on “sign up” as shown in the screenshot below to do so.
2. Add your site
After that, it will prompt you to add your site.
Enter your site in the text box provided and click on “Add site.” Then click on next.
Choose the FREE plan, and click continue.
Doing that automatically adds your site to Cloudflare.
3. Change your nameservers
At this point, Cloudflare will provide you with a set of nameservers to replace the one you already have on your website.
To know this, you’ll log on to your domain name provider. In case you don’t know this, you can click on “I need help changing my nameservers,” and Cloudflare will help you with your domain name provider.
After that, you’ll log in to your domain name provider. Mine was ionos, yours could be GoDaddy, Namecheap, etc.
When you log in to your domain name provider, you’ll see your domain name. Then click on “DNS”. Then scroll down to nameservers, then click change.
After that, change “default” to “custom” using the dropdown button. Then replace the existing nameservers with the two nameservers that Cloudflare just provided you.
Once you’ve done that,
4. Install the Cloudflare plugin on WordPress account
To do this, go to your WordPress dashboard, click on “Plugins”, and then “Add New.”
Search for “Flexible SSL”: See the image below.
Install the plugin, and activate it.
5. Enable SSL in Cloudflare
Now, go back to Cloudflare, and click on the “lock” icon labeled crypto. Scroll down to the “Always use HTTPS”, and then toggle it on.
As soon as you do this, your website will be secured.
Congratulations. You’ve just secured your site.
That’s how I secured sodiqajala.me and pristinesacc.com.
Here’s a Youtube tutorial to guide you step by step.