Step 3: How to make your wordpress site secure
Now you have your WordPress website setup and it’s publicly accessible it’s important to think about how to make your WordPress site secure. Already setup security? Go to step 4 to learn how to customise your WordPress website.
Once you have purchased your hosting and domain in step 2, you will now be logged in Krystal with something like this. We need to access our newly purchased hosting server, to do this click on ‘My Services‘ and then on your product click on ‘Launch cPanel‘.
Your cPanel is the control hub for your website, here you can access anything associated with your hosting setup including emails, files, backups etc. It can look quite overwhelming but theres only a couple of things we need to worry about!
How to setup a WordPress website – Installing an SSL Certificate
The first thing we are going to is to make your new website secure and support encryption. This will turn the small unlocked padlock in the address bar to a nice secure one, meaning everything your users are doing is encrypted and safe.
We will use LetsEncrypt SSL software for this, this is completely free and really easy to sort out within Krystal as its all integrated.
Scroll down your cPanel until you see the ‘Security‘ panel, then click on the ‘Lets Encrypt SSL‘ button.
Scroll down until you see your website link under the ‘Issue a new certificate’ title and click the little ‘+ issue‘ button. You will be presented with a screen with a list of variations of your domain. I would recommend to make sure they are all checked under the ‘Include?‘ heading. Then press ‘Issue‘ at the bottom.
Once the website is set up you should see the secure padlock in your domain now, you may need to physically type in https://www.example.com instead of http://www.example.com if it doesn’t do it automatically. Your users will not need to do this.
How to install WordPress
There’s two ways we can install WordPress, one is really simple and our hosting provider will handle the majority of it and the other is for more advanced users. Let’s let our hosting provider do most of the work for us!
Head back to your cPanel homepage (the confusing, overfilled page). Scroll down until you see the ‘Software‘ section, and click on ‘WordPress Manager by Softaculous‘.
You will be presented with a WordPress hub type page. From here we are going to click on the blue ‘Install‘ button at the top left of the inner page. The next page is quite log so let’s break it down.
Software Setup
Here is where we pick which site we are going to install WordPress on and what we want the url to be like. This is why we set up the SSL certificate in the previous step, so we can select HTTPS as our installation path. In Protocol select https://. For your Domain select your newly created domain and you can leave Directory blank.
Directory is used if you want to have the WordPress installation separate from your main site. For example you might already have a basic HTML site and only want to add WordPress for a blog, in that case you could add ‘Blog’ as your directory and your WordPress would be installed on https://example.co.uk/blog.
How to setup a website UK – Site Settings
We can set our site name and the site description here. I would tend to go for a pretty-printed version of your domain name, for example if my domain was woodsplumbing.com my site name would be ‘Wood’s Plumbing‘ and my site description would be ‘Wood’s Plumbing WordPress Site‘.
The site name and description are only really used as an extra detail and as a fall back for some pages, they can also be changed at any time so don’t worry too much about this!
You can ignore the other 2 check boxes on this step as they won’t be needed for our site.
Admin Account
This will be your admin account login details & email address. Make sure what you put here is memorable but also secure, simple user name and passwords can be hacked easily and cause all sorts of problems for your website and your customers.
I would recommend having a username that is tailored to you rather than your domain name and have atleast a 16 character password that contains uppercase, lowercase, symbols and numbers. A good example of a username would be PaulsWsPlumbersAdmin (Pauls Wood’s Plumbing Admin Account).
Your Admin Email should be something you have access to and is also secure as any changes to your website will need to be verified through that email.
Language & Plugins
Your language can be left as ‘English‘ and your plugins can be left as the default options that are already selected. More on plugins later on! Litespeed Cache should be left on as this is essentially a ‘save’ option for your website to make the experience quicker for your users!
Theme
For now, leave this as default and unchecked, we will revisit this later down the line! You can browse some of the themes here to get an idea of which you like and dislike and which might be a good fit for your website. By leaving it unchecked WordPress will install its default themes.
Once all that set up is completed, hit the ‘Install‘ button and let it work its magic! You should see an ‘Installation Complete’ message and there will be 2 links. The first link is your new site! The second is a link to your WordPress admin login area. You can use the username and password set previously to login here.
Great work! So far you have setup a domain, bought your first hosting setup, ensured your site is secure and encrypted and just installed WordPress!
Missed a step?
Go back to the step 2 to learn how to purchase a new domain and how to setup hosting for your new website.
Go to step 2
All good?
If you have setup your hosting and domain successfully it’s time to move on to step 4! How to customise your website and make it your own!
Go to step 4