Every Web Host Bazaar shared plan ships with AutoSSL enabled. As long as your domain resolves to our servers, a free Let’s Encrypt-style certificate is issued and renewed automatically. Here is how to verify it and force HTTPS for every visitor.

1. Confirm DNS first. AutoSSL only issues a certificate once the domain points to the server. Open Domains → Zone Editor in cPanel and confirm the A record matches the server IP you were given. If you just changed it, allow up to an hour.

2. Check AutoSSL status. Under Security → SSL/TLS Status you will see every domain on the account and its certificate state. A green padlock means a valid cert is installed. If it shows AutoSSL Disabled or Excluded, click Include Domain During AutoSSL and then Run AutoSSL.

3. Force HTTPS for visitors. Just having a certificate is not enough — visitors typing http:// need to be redirected. Under Domains → Domains, toggle Force HTTPS Redirect for each domain. cPanel writes the right .htaccess rules for you.

4. Update WordPress URLs. In Settings → General, change both WordPress Address and Site Address to https://yourdomain.com. Save. WordPress will log you out — log back in over HTTPS.

5. Fix mixed content. If browser shows a broken padlock, run a free scan at whynopadlock.com or use the Really Simple SSL plugin to rewrite legacy http:// asset URLs to https://.

6. Test renewal. AutoSSL renews about 30 days before expiry, but it is worth checking the certificate detail in the browser once a quarter to confirm the expiry date moves forward.

What AutoSSL does not cover. Wildcard subdomains and certain CDN setups still need a paid certificate or a manual Let’s Encrypt wildcard via DNS validation. For 95% of sites, the default AutoSSL is all you need.