Let’s Encrypt has made it much easier for web sites to use
https instead of
http, even those on shared hosting. In my case, all I needed to do was ask my ISP, Canadian Web Hosting, to move my accounts to a server that supports a cPanel extension (I assume this one). Installing the certs is trivial.
Changing the basic WordPress setting was easy – update the
WordPress Address (URL) and
Site Address (URL) settings in General. This did break a lot of image links, mostly because I’ve had my blog on WordPress for so long that I still had all my images in a custom image directory and the gallery couldn’t find them any more. That took a certain amount of fiddling, and I haven’t yet got all the images in the old posts back to the way they were.
Another thing that broke was my spam detection. I used Spam Karma for many years, and even after it was no longer updated it was suitable for my needs. But it doesn’t work with
https for some reason. I’ve now switched to Antispam Bee and find it does what I need. I haven’t noticed any spam slipping through, nor real comments being marked as spam. Most of the competitors had some feature I didn’t like, such as by default deleting comments without my having a chance to check them. That would be useful on sites with lots of spam, but not necessary for mine. It has a well-deserved high rating on the WordPress plugin site.
Overall, switching my sites to
https cost me a couple of hours work and the time waiting for the new server DNS to propagate. Well worth it.