Find Wordpress Plugins
960 votes, 5 avg.rating
HTTPS Secure your WordPress site with SSL certificate provided by Let’s Encrypt® and force SSL / HTTPS sitewide, check your SSL score, fix insecure content & mixed content issues easily. Enable HTTPS secure padlock on your site within minutes. WP Encryption plugin registers your site, verifies your domain, generates SSL certificate for your site in simple mouse clicks without the need of any technical knowledge. A typical SSL installation without WP Encryption would require you to generate CSR, prove domain ownership, provide your bussiness data and deal with many more technical tasks!. 5M+ SSL certificates generated — Switch to HTTPS easily REQUIREMENTS Linux hosting, OpenSSL, CURL, allow_url_fopen should be enabled. PRO FEATURES WORTH UPGRADING Automatic domain verification Automatic SSL certificate installation Automatic SSL renewal (Auto renews SSL certificate 30 days prior to expiry date) Wildcard SSL support – Install Wildcard SSL certificate for your primary domain that covers ALL sub-domains. Automatic DNS based domain verification for Wildcard SSL installation (DNS should be managed by cPanel or Godaddy) Multisite + Mapped domains support – Supports SSL installation for mapped domains Automatic Content Delivery Network(CDN) to boost your site performance (Annual Plan Only) Blocks SQL injection, XSS, Shellshock, Remote File Inclusion, Apache Structs Exploits, Local File Inclusion attacks. Blocks common web application vulnerabilities and common WordPress attacks. Blocks invalid user agents, unknown user agents, CSRF, Convicted bot traffic, Spam & abuse, Probing & forced browsing, Brute force attacks. Top notch one to one priority support – Live Chat, Email, Premium Support Forum SSL installation help for non-cPanel sites BUY PREMIUM VERSION FREE SSL PLUGIN FEATURES Verify domain ownership and generate free SSL certificate Secure webmail and email with HTTPS Download generated SSL certificate, key and Intermediate certificate files Force HTTPS / Enable HTTPS 301 redirection sitewide in one click HTTPS redirection includes redirect loop fix for Cloudflare, StackPath, Load balancers and reverse proxies. SSL Health page – Track your SSL score and control various SSL & Security features like HSTS strict transport security Header, HttpOnly secure cookies, etc,. Enable important security headers including X-XSS-Protection, X-Content-Type-Options, Referrer-Policy Enable mixed content / insecure content fixer SSL monitoring & Automatic email notification prior to SSL certificate expiration (Optional) Running WordPress on a specialized VPS/Dedicated server without cPanel? You can download the generated SSL certificate files easily via “Download SSL Certificates” page and install it on your server by modifying server config file via SSH access as explained in our DOCS. (New) Vulnerability Scanner in v6.0 Navigate to SSL Health & Security page and run the vulnerability scanner to scan your WordPress, Plugins and Themes for known vulnerabilities. Keep everything updated to stay secure. ADVANCED HTTPS SECURITY HEADERS Safeguard your site from cross-site scripting attacks, clickjacking, MIME sniffing attacks. Enable HTTPS Strict Transport Security Header to avoid request protocol downgrading Disable directory listing to avoid directory traversing Enable X-XSS protection, secure cookies, X-Content-Type-Options to avoid cross site scripting and MIME sniffing Switch to HTTPS in seconds Secure HTTPS browser padlock in minutes. Free domain validated (DV) SSL certificates are provided by Let’s Encrypt (A non profit Global certificate Authority). SSL encryption ensures protection against man-in-middle attacks by securely encrypting the data transfer between client and your server. Why does My WordPress site need SSL? SEO Benefit: Major search engines like Google ranks SSL enabled sites higher compared to non SSL sites. Thus bringing more organic traffic for your site. Data Encryption: Data transmission between server and visitor are securely encrypted on a SSL site thus avoiding any data hijacks in-between the transmission(Ex: personal information, credit card information). Trust: Google chrome shows non-SSL sites as ‘insecure’, bringing a feel of insecurity in website visitors. Authentic: HTTPS green padlock represents symbol of trust, authenticity and security. Translations Many thanks to the generous efforts of our translators. If you would like to translate plugin to your language, Feel free to sign up and start translating! Show Your Support If you find any issue, please submit a bug via support forum. LOVE WP ENCRYPTION SSL PLUGIN? If you find this plugin useful, please leave a positive review. Your reviews are our biggest motivation for further development of plugin. Disclaimer WP Encryption uses SSLLabs API for SSL scan & detection. By using the plugin, you agree to terms & conditions of SSLLabs By enabling the Vulnerability Scan feature, you agree to terms & conditions of WPVulnerability Database API. The information provided by the information database comes from different sources that have been reviewed by third parties. There is no liability of any kind for the information. Security is an important subject regarding SSL/TLS certificates, of course. It is obvious that your private key, stored on your web server, should never be accessible from the web. When the plugin created the keys directory for the first time, it will store a .htaccess file in this directory, denying all visitors. Always make sure yourself your keys aren’t accessible from the web! We are in no way responsible if your private keys go public. If this does happen, the easiest solution is to check folder permissions on your server and make sure public access is forbidden for root folders. Next, create a new certificate.