To protect site visitors from eavesdroppers, Force WP recommends SSL/TLS certificates for all sites. SSL/TLS certificates enable visitors to connect to your site with HTTPS, a secure protocol for exchanging information on the Internet.
Using SSL/TLS certificates, your site visitors (i.e., their browsers) can validate that they are connected to your web server—and not an imposter’s server. In addition, certificates help your visitors establish an HTTPS connection, so information exchanged between your visitors and your web server is encrypted.
HTTPS is especially important for e-commerce sites, since e-commerce requires visitors to provide personally identifiable information. However, securing the web is increasingly important for all sites, not only e-commerce, since HTTPS protects visitors’ privacy and improves your page ranking for Google searches. In addition, on our platform, HTTPS also automatically enables HTTP/2, the latest version of the HTTP protocol, which improves site performance.
For more information about HTTPS, check out our article What is HTTPS and SSL/TLS?
|Let’s Encrypt||Get free domain-validated certificates.||
|Import New Certificate||For Professional plans and higher, import a new certificate at no additional cost.||
- Log on to the Force WP User Portal cPanel.
- Click your SSL > Add Certificates.
- Choose the certificate option that you prefer.
LET’S ENCRYPT CERTIFICATES
Let’s Encrypt is a free, open, automated certificate authority that issues domain-validated certificates. We recommend Let’s Encrypt certificates for most sites since they are easy to set up and completely free of charge.
The Force WP platform will automatically install and renew Let’s Encrypt certificates after you order them from our User Portal. Here is an overview to get started with Let’s Encrypt certificates:
- Log on to the Force WP User Portal.
- Click your SSL > Add Certificates > Get Let’s Encrypt.
- Select all the domains for which you want HTTPS. (Be sure that the domains you select resolve to your Force WP site.)
Let’s Encrypt does not issue Extended Validation certificates, which are ideal for e-commerce sites. For Extended Validation certificates, we recommend getting your own certificates and then importing them.
Though getting Let’s Encrypt certificates is easy, some customers—with dozens of subdomains or WordPress Multisite enabled—may value the convenience of wildcard certificates. For domain-validated wildcard certificates, we recommend our RapidSSL wildcard certificates, and for Extended Validation wildcard certificates, we recommend getting your own and then importing them.
Let’s Encrypt cannot issue certificates for custom CDN URLs, since your CDN provider controls its servers (i.e., Force WP cannot place the domain-validation file on the CDN provider’s server to get a domain-validated certificate). To set up HTTPS for your custom CDN URLs, we recommend using our Import New Certificate option, so you can properly coordinate the certificate issuances, certificate renewals, and certificate installations for both the CDN provider and your Force WP site. For help with this process, use Live chat to connect with a Support representative.
The vast majority of our customers get Let’s Encrypt certificates without any issues. However, Let’s Encrypt certificates cannot be issued for some types of domains:
- Let’s Encrypt does not issue certificates for high-risk domain names—those that resemble well-known banks or brands (e.g., wellsfargo.world or cocacola.info).
- Let’s Encrypt does not issue certificates for sites that Google tags as unsafe.