An SSL (Secure Sockets Layer) certificate — technically now TLS (Transport Layer Security) — is a digital certificate that encrypts the connection between your website and your visitors' browsers. When installed, your site uses HTTPS instead of HTTP, indicated by the padlock icon in the browser address bar.
Why SSL/TLS Is Essential
- Encryption — All data transmitted between the server and browser is encrypted, protecting sensitive information like login credentials, personal data, and payment details.
- Authentication — The certificate verifies that visitors are connecting to your actual server, not an impersonator.
- SEO ranking factor — Google uses HTTPS as a ranking signal. Sites without SSL may rank lower.
- Browser warnings — Modern browsers display "Not Secure" warnings for HTTP sites, eroding visitor trust.
- Required for modern features — HTTP/2, service workers, and many browser APIs require HTTPS.
Certificate Types
- Domain Validation (DV) — Verifies domain ownership only. Quick to obtain, often free (Let's Encrypt).
- Organization Validation (OV) — Verifies the organization behind the domain.
- Extended Validation (EV) — Strictest verification, historically showed the company name in the browser bar.
Free SSL with Let's Encrypt
Let's Encrypt provides free, automated DV certificates. Most hosting providers support automatic installation and renewal. There is no reason not to have SSL on your WordPress site today.
What InspectWP Checks
InspectWP verifies whether your WordPress site has a valid SSL certificate, checks the certificate expiration date, and detects mixed content issues (HTTP resources loaded on HTTPS pages).