# Secure HTTP

In modern web development, you should be using `https`. There are no excuses not to use it. All hosts should be providing the free letsencrypt certificates as a minimum.

Additionally, your entire site should be secured. Don't secure only WP Admin, the frontend should be secured too.

Failure to do this can bring legal risks, SEO penalties, and security risks to both you and your customers.

## What To Do If Your Host Charges for Certificates or Installation

This is a major red flag, and irresponsible, you should change hosting provider. Lots of good alternatives for hostng WordPress exist that provide free certificates and installation, ranging from the lowest prices to enterprise grade providers.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://www.wptherightway.org/security/tls-https.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.