WPLift is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission.
Integrate SSL on WordPress Multisite
WordPress multisite is an extraordinary feature that let you manage a network of WordPress sites using a single admin site. WordPress users follow various techniques to secure their site as being one of the most popular platforms, WordPress is also targeted the most by hackers. Among these techniques is the integration of Secure Socket Layer (SSL) certificates to a WordPress site.
SSL is also essential in WordPress Multisite setup as multiple sites are managed by one admin, and an infected site can also affect other sites on the network. In this article, we will explore how can we add SSL on WordPress Multisite to ensure security across the network.
Let’s Encrypt
I will be using Free SSL by Let’s Encrypt for WordPress Multisite Network. It is a certificate authority which provides free SSL certificates to websites that offers the same level of security as paid certificates do. It has great documentation and is very simple to integrate.
Integrating SSL to WordPress Multisite
I have launched WordPress Multisite installation on Cloudways managed hosting. After the application launch, I navigate to activate Cloudways built-in SSL certificate via Let’s Encrypt integration tool and add email an address and a domain name of my parent site.
It will take a few minutes to activate the SSL on our domain. Once it is activated, the main site can be viewed using https.
Switching for HTTP to HTTPS
It is very important to change internal URLs from HTTP to HTTPS. To do so, log in to your WordPress Dashboard → Settings → General. Change HTTP to HTTPS in both WordPress Address (URL) and Site Address (URL).
Click on Save Changes at the end of this page to complete the process.
Article Continues Below
Mix Content Identification
In the previous step, I manually changed the URL from HTTP to HTTPS. Usually, it’s enough to change the URLs. However, it is recommended to check if all the links have changed to avoid any broken links.
For this purpose, we will use an online tool called JitBit. Simply paste the URL and initiate the scan. It will take a moment and will display the result.
Result shows that there are few links that need to be changed. To fix this, go ahead and install a plugin WP Migrate DB.
Once the plugin is installed, go to its settings and paste the old URLs under Find section and replace it with the new ones.
Add additional rows if needed and click on Find & Replace to save the changes.
Redirect from HTTP to HTTPS
It counts as a bad user experience if the visitor lands on a broken link, so it is important to redirect the user coming from HTTP to HTTPS automatically.
To achieve this, we have to make a few changes in our .htaccess file. For those who do not know .htaccess. This is a configuration file for Apache web server.
Article Continues Below
Before we begin making changes in the .htaccess file, it is recommended to back up this file for restoring purposes.
Now access your .htaccess file from your root directory and open it in any text editor. Add the following lines of code at the beginning of the document.
RewriteEngine On
RewriteCond %{https:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
That’s it! Save the file and upload it back.
Google Search Console
As of now Google knows that you serve your data using HTTP. To update Google that now we are serving through HTTPS, log in to your Google Analytics dashboard and inside the admin area select your desired property and click on Property Settings.
From the drop-down menu, change the Default URL from HTTP to HTTPS.
Article Continues Below
Now go back and click on View Settings tab.
Over here change the Website’s URL from HTTP to HTTPS.
We are done updating Google to track our new HTTPS URLs.
SSL on WordPress Multisite Subdomain
Adding SSL on subdomains is easy with the Cloudways platform. Simply click on Add Domains button and start adding subdomains.
Clicking on the Install Certificates will bring a pop asking for permission to revoke existing SSL and re-install certificate with new subdomain list.
Benefits of Having SSL Certificate on WordPress
Besides providing secure browsing, SSL helps in improving SSL ranking as well. When a user visits your SSL enabled site, a browser does not give any warnings and it gives the sense of credibility especially for the customer paying through your WordPress site.
Wrapping Up!
While WordPress Multisite gives a lot of flexibility in terms of managing multiple applications. SSL helps in securing these sites by encrypting all the data including usernames, passwords, credit card information and IP addresses when data is exchanged between the server and the client’s browser. Anybody tapping in between cannot decrypt this data as the key is only shared between the two trusted parties.
This guest post was written by Ibad Rehman from Cloudways.
Related Articles
Hey,
Cloudways is a great tool which provides easy to manage interface and saves a lot of time for me.
3 cheers to the developer.
Joyi
Thank you for appreciating the platform and developers!