Breaking News

Hostgator SSL

Free HostGator  SSL Certificate Overview & How to Install It

hostgator ssl,hostgator letsencrypt,hostgator free ssl,hostgator ssl certificate,hostgator ssl,hostgator letsencrypt,hostgator free ssl,hostgator ssl certificate,

Once again, we see a big step forward for HostGator. The company recently announced that all of its shared hosting packages will include an additional Let's Encrypt SSL, making it an even better offer for its customers. It has become so important for website owners to have SSL that they are going to buy the package anyway, so why not merge it with the web hosting packages? HostGator did it, and it was a great idea.

Now, by purchasing a shared hosting plan, you can solve two problems at once. If you visit the Shared Web Hosting section on their website, you can see that they have added the free SSL certificate to the feature list of each package. This was a wise but risky decision on their part because although they made Internet access more convenient, they also gave up one of their main sources of income.

After all, every web hosting company is a little different. Although HostGator distributes SSL certificates for free, you can find various extras included in other hosting providers' packages. The goal is to provide for free what people really need, and HostGator has made the right choice. By distributing free SSL certificates, the company has changed so much that many of its competitors have to adapt to it if they don't want to lose a large number of customers.

How Good is Let’s Encrypt SSL Exactly?

hostgator ssl,hostgator letsencrypt,hostgator free ssl,hostgator ssl certificate,hostgator ssl,hostgator letsencrypt,hostgator free ssl,hostgator ssl certificate,

HostGator is very generous to offer a free Let's Encrypt SSL to its customers. It's always good to get something for free, isn't it? But what are the advantages of such an SSL? It applies the following changes to your website:

1. The data your visitors send and receive while browsing your website will be encrypted. This allows them to share sensitive information without having to worry about any leaks.
2. The SSL certificate will be applied to all your subdomains.

Not so long ago, Let's Encrypt decided to extend its SSL to all sub-domains under the same certificate. There has been a strong demand for SSL wildcard, which is the package that covers all your subdomains. Another popular solution is automatic SSL, an example of those types of SSL certificates that do not extend to subdomains.

Companies that offer automatic SSL usually create additional SSL certificates for each customer's subdomain as compensation. Providing a wildcard SSL or Auto SSL with additional certificates is almost the same, but it is always easier to provide a wildcard SSL right away.

This is How Your Install HostGator Let’s Encrypt Certificate

After completing the registration process, you can log into your cPanel account at HostGator and SSL Let's Encrypt will be available there. All you have to do is start the installer and it will be ready in a few minutes. Let us show you how to configure it step by step!

Step 1: Find Let’s Encrypt in Your cPanel

It's the easiest step. You will see a lot of icons in different sections after logging into your cPanel interface. For now, you need to find the "Security" section where a handful of tools are available. Among them is the "Let's Encrypt" icon displayed as a shiny padlock. Click on it and continue with the next step.

Step 2: Activate Your Let's Encrypt Wildcard Certificate

The icon will take you to a "Manage Encryption Certificates" page. It lists all domains that are currently available on your hosting account. If you do not have any SSL certificates activated on your account, then the "Get Wildcard" / "Issue" button will be displayed next to all your domains. This option has been available since January 2019, when Let's Encrypt decided to distribute Wildcard SSL certificates instead of the base certificates.

By clicking the button, you will not only activate SSL on your main domain, but also on all your subdomains. You pay for a certificate, but you get a lot, which makes it an absolute bargain. Even if you have dozens of sub-domains, a Wildcard certificate covers them all with SSL. For now, click the green button next to the domains you want to secure.

Once you click, you will get a message informing you that your domain and subdomains will be affected by the Wildcard. However, it will not cover your additional domains. Be sure to read the message and then click "Confirm" if you agree. The installation process is quite simple; just click on it until it allows you to generate your Wildcard at the end.

The "Successfully Installed SSL" message is where you can finalize the installation. From this point on, SSL is enabled on your site and anyone can see the padlock and the "Secure Connection" tab when they click on it in the browser. Your website now works via HTTPS and visitors can share their passwords and credit card numbers without any risk.

Step 3: Time to switch completely to HTTPS

Unfortunately, it is not enough to go through the two previous steps. Although people can visit your site via HTTPS, activating your Wildcard SSL does not turn all requests into HTTPS. There is still some tinkering to be done as backlinks are still a big problem. The backlinks you have on your site will always point to the previous HTTP version of your site.

Another problem is that your regular visitors probably won't even notice that you've switched to HTTPS. When they decide to visit your site, they will type in the same old URL as before, and this will open the unsecured HTTP version of your site. Fortunately, this little problem can be easily solved. All you need to do is make sure that all HTTP requests are automatically redirected to the new HTTPS protocol. That way, even if people find or type in an HTTP version of your web page, they will be instantly redirected to HTTPS.

In the previous steps, we have already shown you where you can find the Let's Encrypt plugin in cPanel. You can use the same plugin to set up the automatic redirection. Before we show you how to do this, you need to make sure that there is no .htaccess rule active. Such a rule can only complicate things further by forcing all requests on your site to be HTTP. If this rule is active and you define the new HTTP > HTTPS redirection rule in the meantime, then you will end up in an infinite loop of HTTP > HTTPS > HTTP.

As a result, your traffic will never reach your site and will instead end up in this redirection loop. So, if no such rule is applied to your site, then you can start redirecting your HTTP traffic to HTTPS. Click the Let's Encrypt icon again in the Security section, and choose HTTPS Settings from the drop-down menu next to your domain. This drop-down menu is active only if you have already enabled SSL wildcard. Next, a Manage HTTPS Settings tab will appear where you will need to enable the HTTPS Enforce option.

Your Web site is constantly making external requests, and these must also be HTTPS links. For example, you may have a stylesheet that points to an external CSS resource, but it is HTTP-encoded. You can easily turn it into an HTTPS request in the same Manage HTTPS Settings tab. Under HTTPS Enforce, there is the External Links Rewrite switch. Enable this switch and you will be guaranteed that there will be no mixed content on your website in the future.

From that moment on, every outgoing link will be converted to HTTPS. Keep in mind that if there is mixed content on your site, then it will get an invalid SSL status and you will immediately lose the trust of your visitors. In case you want to link to a resource, but the plugin detects that there is no way to do so via HTTPS, it will simply avoid the resource. This is about the only way to keep your website away from HTTP. If you want a site secured by SSL, your request must be a secure HTTPS request.

Step 4: Find all content with HTTP links

If you want to link to resources that do not have an HTTPS-compatible URL, we have good news for you. You can still download these resources and add them to your website content. If this is your content, you can certainly serve it as HTTPS, right? In case you have links that point to that particular resource, then you will need to find those links and make sure they point to the new location (your own server) of the resource via HTTPS.

You may find some themes or plugins that do not support HTTPS. They may also be hosted on your website, but downloading this type of content will eventually require you to make updates in the future when the next version is released. Each time there is a new version, you have to download it and start hosting it on your website, replacing the previous one, which is a rather annoying process. If you just update it, the URL will change back to unsecured HTTP, which is not a good option.

A better idea is to avoid HTTP-based themes and plugins of any kind. You have a lot of them on the market anyway.

If you are using WordPress for your website, you do not need to go through steps 3 and 4. Simply install the Really Simple SSL plugin and enable it. This plugin will do all the URL redirection and rewriting for you.

Do you need Let's Encrypt support?

Just because you get Let's Encrypt with HostGator shared hosting packages for free doesn't mean you can't apply it to another hosting package. In fact, the provider doesn't even need to support Let's Encrypt and you will still be able to install it.

However, we are not saying that it is easy to install it without support. It's rather complicated and you need to do some research to get familiar with the technical part before doing so. Also, although it is complicated but quite feasible, it is certainly not something we suggest. When you get a Let's Encrypt certificate for free, it will only be valid for 90 days. If you install it manually, you will need to renew it manually through the same complicated process.

The reason why you should choose a package that actually supports Let's Encrypt is that it will be renewed automatically every time it expires. Once you have activated it via your cPanel, you don't need to worry about it anymore. No one guarantees that you will remember your SSL certificate when the 90 days are about to expire and that you will actually renew it on time. It is more than enough to forget it once, as you may find yourself in some pretty unpleasant situations as a result.

If you don't want sensitive data to escape from your site, then go ahead and find a host that supports SSL certificates.

Have you ever needed to purchase an SSL certificate?

Then why would you buy an SSL certificate if you can get it for free? It turns out that in most cases you are indeed better off with a free SSL. Either you get an Auto SSL or Let's Encrypt, it makes little or no difference in the end. Many web hosting companies make a lot of money just by selling SSL certificates.

But now, as more and more people are discovering that there are packages with free SSL, these companies have to change their plans. An SSL itself can easily cost more than a shared hosting plan. This may surprise you a bit, but there are a few cases where we recommend that you pay for an SSL. These are as follows:

An SSL certificate is already a good way to gain the trust of your customers, but if they see that you bought it separately, they will be even more convinced. A good way to build customer loyalty
You can protect yourself against fraud by insuring yourself against fraud by purchasing guaranteed insurance
It is always a little more reassuring to see the green SSL bar on the left side of your URL. There are many well-known companies that take the green bar very seriously. For example, check out the PayPal website. In addition to the green padlock, the green bar also shows the company name written in green. You can get the same type of SSL for your website if you get an Extended Validation (EV) certificate.

Once your visitors see your company name written in green, they will have no doubt about your credibility. There are also many websites with similar domain names on the Internet. If you have an EV certificate, at least people can be sure that they didn't mistype the domain by accident. You should be careful, however, because an EV certificate is something that even scammers can buy if they want to.

Not all HostGator affiliates provide free SSL.

HostGator is a big brand that is divided into several smaller companies. Through these subsidiaries, HostGator services are available worldwide. The problem is that the company still does not provide free SSL in some of the countries where its services are available. For example, you can get the same old HostGator packages if you live in India. It may take some time before subsidiaries switch to the new packages and provide Let's Encrypt SSL for free.

Every time HostGator changes something in its packages, it takes some time for each affiliate to take action and implement the same changes. But despite this, we can conclude that free SSL certificates have been made available to everyone. If you want a basic SSL, all you have to do is sign up for a web hosting plan and they will give it to you right away.