Whenever users enter sensitive information, you should protect that information by making the page secure (HTTPS). This information could be credit card details, passwords, health information, or personal information such as social security numbers. By using HTTPS, you prevent other people from reading the communication between your website and the end user.
One of the pages automatically created when you install WooCommerce pages is a My Account page. Since users could enter a password on that page, it's worth securing that page.
Before you can enable HTTPS on any page, you need to have an SSL certificate installed on your site. You can contact your host to help you with this.
There's an easy-to-use plugin to help us with this. We'll have to install the plugin and then configure it to protect pages on our site by performing the following steps:
- In the WordPress admin, click on the Plugins menu and then click on Add New.
- Search for the WordPress HTTPS plugin.
- Install and activate the plugin.
You should now see a new menu in the WordPress admin called HTTPS. We need to perform a certain action on the frontend of our site and then we will be ready to use those new settings.
- Go to the frontend of your site and navigate to the My Account page. It should have been automatically created with the rest of the WooCommerce pages.
- Copy the URL of the page, as shown in the following screenshot:
- Go back to the WordPress admin.
- Click on the HTTPS menu.
- Paste the URL in the URL Filters meta box, as shown in the following screenshot:
At this point, we've protected the My Account page. You can repeat this process for any other pages where you ask the user for sensitive information.
- Click on Save Changes.
If you go to the frontend of your site, you should be able to go to the My Account page and it should automatically load in HTTPS.
