Bluehost is one of the top web hosts for running WordPress-based blogs & websites.
They are also one of ShoutMeLoud’s recommended WordPress hosting companies. In the past, I have shared many tutorials to help you use and get the most out of Bluehost hosting.
Here are some of the popular ones:
- How To Buy Hosting & Domain From Bluehost Hosting
- How To Install WordPress Blog On Your Bluehost Hosting
In today’s exclusive tutorial, you will be learning how to use a free SSL certificate with your Bluehost hosting. Using this guide, you will be migrating your WordPress blog from HTTP to HTTPS.
According to Google, using SSL is one of the positive ranking factors. Moreover, SSL adds a higher trust level to your blog.
When it comes to SSL certificates, you have the option of using free ones as well as paid ones.
Disclaimer: This article does contain affiliate links. If you purchase a tool through one of the links, SML will receive a small commission for coffee ☕️, at no additional cost to you.
Before we move ahead, let’s get to know a little more about SSL certificates so that you will know what you are doing.
First of all, there are various types of SSL certificates.
For an information-based site (like a blog), you are good using a free SSL certificate.
The most popular company for issuing free SSL certificates is Let’sEncrypt. They have completely changed the model of SSL certificates, and they have made it easier for individuals like you & me to start using SSL certificates without paying a dime.
However, when you are running an e-commerce platform or transaction-based site, you might consider using an EV (Extended Validation) or OV (Organization Validation) certificate that you can only get from a paid provider.
- Optional read: Things To Know Before Buying An SSL Certificate
In this tutorial, I will be sharing all the steps you need to follow to start using a free SSL certificate for your WordPress blog hosted on Bluehost hosting.
Do remember, this is an important task & you should have at least one hour to implement everything. After moving your site to HTTPS, you need to do a few other things to ensure your traffic doesn’t get affected, so you will need to make sure you have enough time set aside.
Are you ready?
Complete Tutorial On How To Use A Free SSL Certificate On Bluehost Hosting For WordPress
Note: Before you start following the steps, make sure you disable your Who.Is guard & your domain’s Who. Is information is updated.
You only need to do it for a few hours as sometime Bluehost sends email for validating domain ownership.
Once you have successfully activated the SSL certificate, you can enable the Who.Is guard for your domain again.
With that, let’s get started with this epic guide…
Disclaimer: This article does contain affiliate links. If you purchase a tool through one of the links, SML will receive a small commission for coffee ☕️, at no additional cost to you.
So Bluehost now offers a free SSL certificate for their users directly from the Bluehost cPanel.
To start using it, log into your Bluehost dashboard and click on my Sites > Manage site
Click on Security to access the SSL options panel.
In front of “Free SSL Certificate”, toggle the button to On. This will start installing the free SSL certificate on your Bluehost hosting account.
You might see a pending notice & this message:
“Working on it…
We’re setting up your SSL – this may take a few hours. In some situations, we may need you to take action. If so, you’ll receive an email with instructions. For now, feel free to start exploring WordPress or jump into building your website.”
You will also get an email from the Bluehost billing team about your free SSL certificate purchase.
Here is a video guide for the same:
In my case, I let the page work for 45 minutes & it was still loading. Eventually, I reloaded the page & had to re-toggle the “Free SSL certificate” button to On.
This time, within 5 minutes, the page stopped loading & I got the final screen.
This means the free SSL certificate has been installed on the domain & now we can migrate our site from HTTP to HTTPS.
It’s a good idea to use an online SSL checker tool like this to verify if your domain has an active SSL certificate or not.
Here is the result from my test domain after adding the free SSL certificate:
If you are doing this for an existing WordPress site, your real work starts here.
There are a few steps that you need to do to ensure you are properly moving from HTTP to HTTPS. Moreover, you also need to take care of SEO.
However, do not worry, as this tutorial is going to help you with every step to properly migrate to HTTPS.
Moving Your WordPress Site From HTTP To HTTPS
Now after activating the SSL certificate, the next step is to force everything to load on HTTPS & also ensure that the HTTP to HTTPS migration is search engine friendly. If you don’t do this, you might end up losing traffic.
Follow all the below-mentioned steps & in the next 10-15 minutes, you will have successfully moved your WordPress blog to HTTPS.
Note: SiteGround, A2Hosting, and InmotinHosting users can also take advantage of a free SSL certificate. Just ask your hosting support team to enable a free SSL certificate for you & follow these below-mentioned steps to further finish the migration from HTTP to HTTPS.
Install Really Simple SSL Plugin
When you enable your free SSL certificate on Bluehost hosting, it automatically updates the site’s URL.
However, at this moment, your site is accessible with both the HTTP & HTTPS addresses.
By using the Really Simple SSL WordPress plugin, all of your traffic on HTTP will automatically redirect to HTTPS.
- This is an easy plug & play plugin.
Once you have installed & activated the plugin, you will see a screen like this:
Click on Go ahead, activate SSL!
Edit Your .htaccess File & Add The Code For HTTP To HTTPS Redirection
You also need to add these few lines of code into your WordPress .htaccess file.
You can edit this file using the Yoast SEO plugin or by FTP. Here is a guide to learn more about editing the .htaccess file.
At the beginning or end of the .htaccess file, add:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Once this is done, you are almost done with moving your WordPress blog to HTTPS.
Update All HTTP URLs In Database To HTTPS Using Really Simple Plugin
The Really Simple SSL plugin + the .htaccess code above will help you redirect all traffic from HTTP to HTTPS. However, it’s a good idea to update all existing links from HTTP to HTTPS.
You can do that using a WordPress plugin called Better Search & Replace.
Install & activate the plugin. Go to Tools > Search & Replace to start using the plugin.
Note: Take a backup of your WordPress database before running this plugin.
Once this is done, you can also install the Broken Link Checker plugin & use its redirection module to find links to 3rd party sites with HTTP that should now be HTTPS.
This is a regular practice that I follow to keep my site’s SEO intact.
Now it’s time to make some changes to your Cloudflare dashboard (or use the Cloudflare WordPress plugin).
Steps For Cloudflare Users
In my earlier blog posts, I have told you to start using Cloudflare as it helps in many ways:
- 5 Reasons You Should Start Using Cloudflare Right Away
- How To Set Up Free CloudFlare CDN For Your WordPress Blog
First, log in to your Cloudflare dashboard & go to your domain.
Go to Crypto & under “SSL”, change the settings to Full.
On the same page, scroll down & enable Automatic HTTPS Rewrites.
That’s it!
Now, your HTTP to HTTPS migration is done.
However, you still need to do a couple of quick things:
- Submit your new HTTPS site to Google Search Console & submit your sitemap.
- Update your profile link on Google Analytics.
- Update your website links on social media profiles & anywhere else they exist. This step you can do in pieces in the coming days.
- Read this guide to learn more about HTTP to HTTPS migration & fixing mixed content.
- If you disabled Who.Is guard for your domain name, you can enable it now.
Well, that’s all! If you have done all the steps mentioned above, give yourself a pat on the back. It’s time to celebrate.
You should also treat me someday for this guide. 🙂
Conclusion: Using Free SSL on Bluehost
The new WordPress tools inside the Bluehost cPanel make it easier for every Bluehost user to enjoy free SSL certificates. However, if you are activating a free SSL for an existing blog, you also need to follow the steps mentioned above to ensure moving from HTTP to HTTPS doesn’t affect your traffic.
For a new blogger who is just starting out, you just need to enable HTTPS as soon as you buy hosting from Bluehost.
Now it’s your turn to let me know: How was your migration from HTTP to HTTPS? Did you face any problems & how did you overcome them? Let me know your experience in the comments section below!
Find this tutorial useful? Share it with others who are using Bluehost for their WordPress blog!
Hey Harsh,
Thanks for detailed explanation, I was struggling to activate SSL after shifting the hosting from Site ground to Blue Host, had Cloud Flare linked too, It’s done now.. your detailed article helped a lot.
Thanks so much for clear info. However, on my Bluehost account, (following your directions) it does not have a toggle on and off. It says “unavailable”. Can’t seem to find out why? anyone else have this issue?
@Holly
I just checked again by logging into my Bluehost account and I see its working for me. I will upload a video shortly on my YouTube channel.
Try to logout and login and see if it working. If it doesn’t then speak to customer support and they will resolve the issue.
Harsh,
Thanks for the writeup. It’s helpful. I’ve had Bluehost’s free SSL on my site for a few months now, AND I had it set to automatically renew. But somehow there was a lag in the renewal by about 24 hours. It caused my site to temporarily move back to http://, which gave visitors the “Warning: You are About to Access an Unsecure Site” message, which literally killed my traffic for the day. Any idea on how to prevent this in the future? Should I ditch the free certificate and find another provider?
Does Cloudflare slow down wordpress site?
Nope.
hello Harsh, Thanks a lot. I just added ssl to my blog, now what should i do in google webmaster, should i add an https version of my blog and how can i set https version as preferred one. Also do i need to add sitemap to preferred version only? Thanks.
i have installed ssl certificate. earlier i was using cloudflare with bluehost.
during installation bluehost told me to change nameservers back to bluehost.
using cloudflare will break ssl.
any solution?
hello, can you guys please share full method to how install free ssl of cloudflare in xenforo forums?? i m using godaddy hosting, secured my site with cloudflare, but when i try to install free ssl of cloudflare, my site is not opening in https or even in https!! its showing a blank page, why?? can u guys plz help me!!
How do you get back social share counts after SSL/https migration?
@Sandip
I used a WordPress plugin call Social Warfare for the same.
I login to bluehost control panel and it is displaying following options to click in the left bar: Home, Mysite, marketplace, email, domains, advance. There is no top bar. Thanks in advance to help.
@Mamta
Is it Bluehost India or Bluehost USA?
Dear Harsh
Greetings !!!
The information provided by the Bluehost office at the time of establishing the blog is as below:
Email Server:lifeinvedas.com
Name Server 1: NS1.Bluehost.com
Name Server 2:NS2.Bluehost.com
and user id and Password.
I developed the blog with the help of a blogger.
Kindly suggest the way to migrate the blog from http to https. Looking forward a positive reply.
@Dr. Mamta
Just follow the steps mentioned above and it will be done in no time.
I was informed that this is Bluehost.com (US)
Great article as always Harsh. I am using an SSL certificate from Namecheap,
I think I need to install SSL on my blog, but it is just too work. But thanks for the great article, will come back to this article.
Hey Harsh, it shows ssl not secure in chrome? How can i fix this?
I activated the Bluehost free SSL and I’m getting “Your connection is not secure The owner of dahr-castro.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website” with Firefox only. It says I need to install an Intermediate/chain certificate to link it to a trusted root certificate. How do I fix this? I’m using Bluehost shared hosting. Thanks
Hi Harsh, great article brother. I am working on my wordpress blog right now (which is not ready yet and I have just completed some pages). My site is hosted on Bluehost India and my hosting renewal is due on 15th October, 2017. But after reading your above article and your review on Bluehost India I want to migrate my site to Bluehost USA and I want to choose the Prime package for 60 months. So I have 3 questions:
1. Can I migrate my site to Bluehost US before my renewal date.
2. At present my site information can be found on who.is. So when I will purchase the Prime plan from Bluehost US I think the plan will come with who.is guard. So can I disable it after migrating to the Bluehost US?
3. In how many websites I can use the free SSL certificate (HTTPS)?
I will be grateful for your kind reply.
Regards,
Ramesh
Hey Ramesh,
1. yes. you can migrate before your renewal date
2. No, you cannot disable privacy after buying the prime package. Buy plus package instead. it is cheaper than prime and comes without domain privacy.
3. for all your websites.
Great post buddy….i am using Blue-host and i would surely love to use these tips for installing SSL certificate…..thanks for this helpful post..!!
Hi Harsh,
This is an important article for me. But, can you tell me what is the difference between SSL provided free by cloudflare and blue host. Which will be faster.
@Kanakrani
The one offered by Bluehost is better.
I am on hostgator should I move to bluehost for SSL. I have multiple sites on Hostgator. Do bluehost migrate it for free?
@Jay
Bluehost is becoming more WordPress centric. Bluehost doesn’t offer free migration.
Hiii
Nice post for bluehost users. Thanks for sharing with us. Gud luck for next.
Hi Harsh,
Thanks so much for this walkthrough! Yours is the only guide that enabled me to successfully install SSL on my site without issues. I have a question about installing Cloudflare “AFTER” completing the SSL setup for Bluehost. If I try installing Cloudflare from within Bluehost Cpanel, I get an error message saying using the free Cloudflare with free Bluehost SSL will cause my website to malfunction. When I try it from the Cloudflare site panel itself, the crypto option to select “full” is labeled not supported for your site. Do i need to install Cloudflare first or is there a way to bypass this issue? This is the US version of Bluehost btw.
Is SSl must for any blog?
@Tonu
Yes, SSL is an important search engine ranking factor. Every blog should use it!