how-to
Advertiser Disclosure
Imagine going to a doctor’s office. It’s a nice place, and the waiting room is fairly crowded. As you’re filling out your forms, though, you realize the office’s letterhead is for Miss Jane Doe instead of Dr. Jane Doe. Hmm. You get called back for your appointment and realize there aren’t any diplomas on the wall. When you return to the front office to pay, the receptionist reads off your credit card number loud enough for the folks in the waiting room to hear.
The situation may seem a little far-fetched, but it illustrates the impression you give visitors when your website doesn’t adequately protect them or meet general security standards. SSL certificates are the first step toward safeguarding sensitive information and signal that your site is trustworthy.
The easiest way to implement HTTPS is by hosting your site with a provider that takes care of the SSL certificate configurations and renewals for you — all without any added cost. This is becoming an increasingly common feature, so we’re here to help you sift through all the options.
Best Web Hosting With Free SSL Certificate
Although the industry talks about encrypted client-server communications in terms of SSL, the Secure Sockets Layer protocol has been deprecated in favor of the more modern Transport Layer Security. You’ll technically receive a TLS certificate; just keep in mind that the SSL naming convention seems to have stuck.
Regardless of the acronym, certificates signal that a website is using HTTPS instead of plain HTTP to protect against security threats. Visually, the presence of an SSL certificate is confirmed and represented in web browsers with a lock icon or green area next to the URL; unsecured sites will often display a red X or the words Not Secure.
HTTPS ensures a private, authenticated connection to a website’s server. Interactions between a visitor and the website, such as filling out a form, are encrypted and prevent attackers from eavesdropping or tampering with the information. That’s why SSL certificates are becoming increasingly necessary to gain and hold customer trust.
Even though 85% of consumers shopped online in 2016, research from the NCC Group showed only 20% said they felt very secure doing so. Nearly two-thirds of shoppers think an online data breach will compromise their financial information within a year, and roughly 30% said they would not revisit a website or open emails from an organization that had been breached.
Although SSL certificates aren’t the silver bullet against all malicious online attacks, they greatly reduce the risk and are incredibly easy to implement. Look for a hosting provider that emphasizes customer support and well-rounded hosting plans. For those reasons, Bluehost is our go-to option for all levels of site owners:
1.
Bluehost.com
- FREE domain and SSL certificate
- 1-click WordPress installs
- Unlimited site traffic and in-house support available 24/7
- Usually $7.99/month, but our visitors pay $2.95/month!
- Industry-leading hardware and uptime
- Get started on Bluehost now.
Bluehost: Our Expert's Review
| Money Back Guarantee | Disk Space | Domain Name | Best Overall Hosting Plans |
|---|---|---|---|
| 30 days | 50 GB - Unlimited | FREE (1 year) | www.bluehost.com |
Top “Cheap” Web Hosting With Free SSL Certificate
Yes, an SSL certificate is yet another factor to consider when starting a new website or shopping around for hosting services. In addition to components like a domain name, content management system, website builder, solid-state drives, daily backups, and others, SSL certificates are a needed part of running a successful site. Fortunately for exasperated site owners, certificates are included for free with many respectable hosting plans.
Even if you build and operate your website by yourself, you can still expect to spend between $300 and $600 to get up and running. It’s understandable to not want to spend even more on another upgrade.
Although top-tier businesses can expect to spend upward of a few hundred dollars on an Extended Validation (EV) SSL certificate, the vast majority of blogs and online portfolios will be served perfectly by free and low-cost alternatives. With the advent of the Let’s Encrypt certificate authority, anyone can obtain a free SSL certificate that automatically renews every 90 days — removing any configuration headaches and extra time spent on the nitty-gritty details of your site.
SSL certificates, more accurately known as TLS certificates, protect communications between a server and web browser.
To make SSL certificates fast, easy, and painless, we recommend investing in an affordable hosting plan that takes the time to give customers all the help they need to get their site online. In 2016, the ultra-popular cPanel site management portal incorporated Let’s Encrypt certificates into its AutoSSL plugin after it quickly became the highest-voted request from users. So, any host that offered cPanel quickly became a host that offers free SSL certificates.
That being said, you don’t want to just sign up with the cheapest hosting provider. Do your research into the reputation of prospective hosts, services offered, support channels, and add-on tools that can help your secured site gain even more traction online. We give the three providers we recommend below high marks in all those categories and more. Check out our reviews below:
2.
1and1.com
- $1/month for 6 or 12 months
- No hidden costs - pay just $6 or $12 at checkout
- Easy setup and 24/7 support
- FREE domain and FREE domain transfer
- Up to 500 GB storage, 500 databases, 500 email accounts
- Get started on 1&1 now.
1&1: Our Expert's Review
| Money Back Guarantee | Disk Space | Domain Name | Cheap Hosting Plans |
|---|---|---|---|
| 30 days | 100-500 GB SSD | FREE (1 year) | www.1and1.com/shared |
3.
Bluehost.com
- Known for performance at a low price
- Endorsed by WordPress.org team
- FREE Weebly site builder and templates
- FREE Cloudflare CDN
- Get 63% off today (was $7.99/month)
- Get started on Bluehost now.
Bluehost: Our Expert's Review
| Money Back Guarantee | Disk Space | Domain Name | Cheap Hosting Plans |
|---|---|---|---|
| 30 days | 50 GB - Unlimited | FREE (1 year) | www.bluehost.com/shared |
4.
HostGator.com
- $0.01 for 1 month, then plans from $4.47/mo to $10.95/mo if you don't cancel
- Unmetered disk space & bandwidth
- Unlimited email addresses & free SSL certificate
- One-click WordPress install & free blog tools
- New domain costs $12.95, or use existing domain free
- Get started on HostGator now.
HostGator: Our Expert's Review
| Money Back Guarantee | Disk Space | Domain Name | Cheap Hosting Plans |
|---|---|---|---|
| 45 days | Unlimited | New or Transfer | www.hostgator.com/shared |
See other top affordable hosts »
Top “Free” Web Hosting With SSL Certificate
To us, free web hosting is only a temporary solution or a chance to test out a new platform — not a permanent solution. Online security and the infrastructure delivering your website are not places to cut corners, particularly when those decisions could harm your readers and customers.
While those free hosting plans frequently scale back the number and scope of available features, however, SSL certificates often survive the cuts. Because shared SSL certificates work at a server level, instead of domain level, your site will reside on infrastructure that already follows security best practices for other customers. You’ll almost assuredly be relegated to subdomain status (yoursite.hostname.com instead of yoursite.com), but you will meet the basic HTTPS requirements.
Platforms that offer free hosting plans, which are particularly common in the website builder market, can be a good stepping stone to creating an online store. The emphasis on simplifying the site creation process extends to configuring product listings, shopping carts, and processing payment and shipping information.
SSL certificates are especially critical for eCommerce operations, as customers are trusting that brand to keep them safe. An EV or Operational Validation (OV) SSL certificate is required for compliance with the Payment Card Industry Data Security Standard (PCI-DSS) regulations that enforce secure online transactions and payment processing. Many eCommerce platforms outsource this step to gateways like Square, PayPal, or Stripe, which take care of the specialized security for you.
Although we don’t recommend operating your store out of a free hosting plan, the three options below will help you get started designing your site and online store before upgrading to your own domain name:
- Jetpack SEO, spam protection, and social sharing tools included
- Community, email, and live chat support
- Access to tons of free and premium themes
- FREE hosting; paid plans $4-$25 per month
6.
Wix.com
- Start designing for FREE
- FREE domain with most plans
- Drag-and-drop templates, specific to industry or design need
- Help Center with exhaustive knowledge base of articles
- Huge App Market available
- Get started on Wix now.
Wix: Our Expert's Review
| Money Back Guarantee | Disk Space | Domain Name | Cheap Hosting Plans |
|---|---|---|---|
| 14 days | 500 MB - 20 GB | Transfer | www.wix.com/site-builder |
7.
Weebly.com
- All-in-one hosting and industry-leading drag-and-drop website builder
- Start designing for FREE, upgrade to an affordable plan whenever
- Easily build a blog, personal site, online store, or business portfolio
- 100s of FREE templates for websites and online marketplaces
- $100 credit toward Google advertising
- Get started on Weebly now.
Weebly: Our Expert's Review
| Money Back Guarantee | Disk Space | Domain Name | Cheap Hosting Plans |
|---|---|---|---|
| 30 days | 500 MB - Unlimited | FREE (w/ paid plans) | www.weebly.com/site-builder |
Top “Shared” Hosting With SSL Certificate
On the web hosting spectrum, shared servers represent the tier with the most number of people and the least experience. As a result, much of the marketing and information about SSL certificates is targeted toward this segment of the hosting audience. Although free Let’s Encrypt certificates and others are also available for VPS, reseller, cloud, and dedicated accounts, it’s generally assumed those site administrators will handle configuration themselves, opt for a more expensive certificate, or need to oversee multiple certificates.
Shared hosting customers, whose website is on the same server as hundreds or thousands of other customers, have a variety of certificates to choose from. Shared SSL certificates validate a specific server or IP address and can be used by multiple sites (however, your URL will change to the hostname in the web browser). With so many free and low-cost options for Domain Validated (DV) certificates, however, we encourage site owners to go this route. These protections include only your domain name.
Web browsers will alert users when a site is or is not secured with an SSL certificate.
At the more expensive (and tougher security) end of the SSL gamut, OV certificates connect and authenticate your business name and domain name to ensure you are the site administrator. Sites with EV certificates have gone through a much stricter verification process and, as a result, get the most positive treatment in web browsers and customers’ perceptions.
Similar to our list of the top web hosts for affordability, the providers listed below strike the right balance between tight security, helpful customer support, and affordable solutions. Each hosting company will connect site owners to the certificate of their choice while still offering the performance and reliability we’ve come to expect from such trusted brands. To learn more, read through our reviews:
8.
Bluehost.com
- Known for high-performance, low-cost shared hosting
- FREE website builder with 1,000s of templates
- Endorsed by the WordPress.org team as a top WP host
- FREE CDN accelerates your site’s page loading
- Usually $7.99/month, but our visitors pay $2.95/month
- Get started on Bluehost now.
Bluehost: Our Expert's Review
| Money Back Guarantee | Disk Space | Domain Name | Shared Hosting Plans |
|---|---|---|---|
| 30 days | 50 GB - Unlimited | FREE (1 year) | www.bluehost.com/shared |
9.
iPage.com
- An industry-leading shared host with competitive pricing
- Attract visitors with a complimentary marketing suite
- $500 in extras like Google AdWords and SiteLock security
- Start selling online in minutes
- Get more than 75% off today! (usually $8.99/month)
- Get started on iPage now.
iPage: Our Expert's Review
| Money Back Guarantee | Disk Space | Domain Name | Shared Hosting Plans |
|---|---|---|---|
| 30 days | Unlimited | FREE (1 year) | www.ipage.com/shared |
10.
InMotionHosting.com
- A favorite for shared hosting (and dedicated or cloud)
- FREE SSD storage packs 20x the performance
- FREE SSL certificate and 24/7 support
- 1-click installs for WordPress and popular CMSes
- Get started with FREE website transfer service
- Get started on InMotion Hosting now.
InMotion: Our Expert's Review
| Money Back Guarantee | Disk Space | Domain Name | Shared Hosting Plans |
|---|---|---|---|
| 90 days | Unlimited | FREE (1 year) | www.inmotion.com/shared |
Top “WordPress & PHP” Hosting With SSL Certificate
Even though WordPress is the galaxy’s most popular content management system, with nearly a third of the web relying on the open-source software, the platform and its underlying programming language can be notoriously vulnerable when not maintained or updated properly. WordPress and PHP are used so frequently across the web that they carry massive targets on their backs — if you can expose a weakness in the WordPress core program, you expose millions of blogs and businesses.
Similarly, PHP does not come out of the box ready for SSL certificates. Many programmers will use a software library, such as the popular OpenSSL, to implement basic cryptographic functions needed for SSL certificates. However, even the open-source library has fallen to attackers, perhaps most notably the Heartbleed security bug that was publicly announced in 2014 that affected 15% of all SSL servers. SSL or TLS vulnerabilities are frustratingly common, and PHP developers should take great care in making sure all HTTPS requests are performed using the curl extension.
Now that we’ve scared you with all the doom and gloom, let us part the clouds and enable the sun to shine through. Open-source communities boast millions of developers working to secure all aspects of internet communication, and you can rest easy knowing that the experts have things handled. As before, your best move is to align yourself and your online presence with a reputable hosting provider with the technical resources to keep you and your visitors safe. When it comes to WordPress hosting, these hosts are your best bet:
11.
InMotionHosting.com
- WordPress pre-installed with NGINX server caching
- FREE SSL certificate and unlimited bandwidth
- Optional automatic plugin, theme, and core updates
- Host unlimited WordPress sites on one account
- Premium themes and plugin subscriptions
- Get started on InMotion now.
InMotion: Our Expert's Review
| Money Back Guarantee | Disk Space | Domain Name | WordPress Hosting Plans |
|---|---|---|---|
| 90 days | Unlimited | FREE (1 year) | www.inmotionhosting.com/wordpress |
12.
Bluehost.com
- Recommended by WordPress since 2005
- Automatic installation and updates
- FREE SSD storage and SSL certificate
- FREE domain registration and email
- 63% discount exclusively for HostingAdvice shoppers
- Get started on Bluehost now.
Bluehost: Our Expert's Review
| Money Back Guarantee | Disk Space | Domain Name | WordPress Hosting Plans |
|---|---|---|---|
| 30 days | 50 GB SSD - Unlimited | FREE (1 year) | www.bluehost.com/wordpress |
13.
A2Hosting.com
- FREE Cloudflare CDN and 1-click installs for WordPress
- Turbo Server, SSD speed boost, and A2-optimized caching
- A2-optimized WP plugins for performance and security
- SSL certificates, PayPal integration, and 24/7 support
- FREE HackScan and KernelCare
- Get started on A2 Hosting now.
A2 Hosting: Our Expert's Review
| Money Back Guarantee | Disk Space | Domain Name | WordPress Hosting Plans |
|---|---|---|---|
| Anytime | Unlimited RAID-10 | $14.99 | www.a2hosting.com/wordpress |
See other top WordPress hosts »
SSL Support Means Added Security for Your Website & Visitors
A few years ago, Google announced its intentions to notify web users when they visited an unsecured site. SSL certificates have been around for more than a decade, and the news shined a light on the urgency to protect sensitive online information. Since the original proclamation, Chrome and other browsers have increasingly and gradually upped the ante. Secure websites commonly display a lock or other indicator, while those still using the HTTP protocol are increasingly hit with visual penalties and SEO consequences.
Implementing an SSL certificate comes with a wide range of perks and benefits, ranging from increased customer trust and ecommerce sales to improved security and positioning in search results. Whether you’re browsing the internet or operating your own site, the encryption gained by HTTPS protects passwords, credit card numbers, addresses, names, and other personal information. That data is delivered directly to the authenticated site — not an attacker intercepting the communications as part of a man-in-the-middle exploit.
Security is especially important to small and medium-size businesses, as 65% of cyberattacks are aimed at this segment. Although larger organizations represent a bigger potential windfall to the criminals, they tend to have more resources to devote to security. Small businesses and freelancers, on the other hand, are spread thin trying to keep up with both business goals and website maintenance, and are less experienced about technology developments and online security.
Regardless of what type of site you’re creating, the time to switch to HTTPS is now. Why not do it for free?
Was this helpful? Tell Us Thanks.
About the Author
Questions or Comments? Ask Laura!
Ask a question and Laura will respond to you. We strive to provide the best advice on the net and we are here to help you in any way we can.