Securing your website with SSL is one of the most important steps you can take for your visitors and your business — and on Momo Cloud shared hosting, it is completely free and installs automatically.
What Is SSL and Why Does It Matter?
SSL (Secure Sockets Layer) is the technology that encrypts the connection between your visitor's browser and your website. When SSL is active, your site address begins with https:// instead of http://, and a padlock icon appears in the browser address bar.
Without SSL, modern browsers such as Chrome and Firefox display a "Not Secure" warning next to your site address. This warning can cause visitors to lose trust and leave your site immediately — even if your site does not collect any sensitive data.
- Security: All data passing between your visitor and your server is encrypted, protecting passwords, form submissions, and personal details.
- Trust: The padlock icon and
https://prefix signal to visitors that your site is legitimate and safe. - SEO: Google officially uses HTTPS as a ranking signal. Secure sites are favoured over non-secure ones in search results.
- No "Not Secure" warning: Removing this browser warning reduces bounce rates and builds visitor confidence.
Free SSL on Momo Cloud — How It Works
Every shared hosting account on Momo Cloud includes a free SSL certificate powered by AutoSSL and Let's Encrypt. AutoSSL checks your domains regularly, issues certificates automatically, and renews them before they expire — you do not need to purchase, upload, or manually renew anything.
Important: For AutoSSL to issue a certificate for your domain, the domain's nameservers must be pointed to Momo Cloud. Use nameservers ns1.momo.tz and ns2.momo.tz. If your domain still points to another provider's nameservers, AutoSSL cannot verify ownership and will not issue the certificate.
Step 1 — Point Your Domain to Momo Cloud
If you registered your domain elsewhere, log in to your domain registrar's control panel and update the nameservers to:
ns1.momo.tzns2.momo.tz
DNS changes can take up to 24–48 hours to fully propagate worldwide. Once propagation is complete, AutoSSL will detect your domain and issue the certificate automatically — usually within a few hours.
Tip: If your domain is registered directly with Momo Cloud, your nameservers are already set correctly and you can skip this step.
Step 2 — Check Your SSL Status in cPanel
Once your domain is pointed to Momo Cloud, you can verify your SSL certificate is active at any time inside cPanel.
- Log in to your cPanel account. You can access it at
https://yourdomain.com/cpanelor through your Momo Cloud client area. - In the Security section, click SSL/TLS Status.
- You will see a list of all domains and subdomains on your account. Each one shows either a green padlock (certificate active) or a warning icon (no certificate yet).
- If your domain shows a green padlock, your SSL certificate is already installed and working.
Step 3 — Run AutoSSL Manually (If Needed)
AutoSSL runs on a schedule, but if you need your certificate issued immediately — for example, right after pointing your nameservers — you can trigger it manually.
- Inside cPanel, go to Security → SSL/TLS Status.
- Click the Run AutoSSL button at the top of the page.
- AutoSSL will check all domains on your account and attempt to issue or renew any missing certificates.
- Refresh the page after a minute or two. Newly issued certificates will appear with a green padlock.
Tip: If the certificate still does not issue after running AutoSSL manually, confirm your domain's DNS is fully propagated first. Use a tool such as dnschecker.org to verify that your domain resolves to Momo Cloud's servers before trying again.
Step 4 — Force HTTPS So All Visitors Use the Secure Version
Having an SSL certificate installed does not automatically redirect visitors who type http:// to the secure https:// version. You need to enable a redirect so that all traffic is forced over HTTPS.
Option A — Use the cPanel Force HTTPS Toggle (Easiest)
- In cPanel, go to Domains (or search for "Domains" in the search bar).
- Find your domain in the list.
- Toggle the Force HTTPS Redirect switch to ON.
- cPanel will automatically add the redirect for you. Test by visiting
http://yourdomain.com— it should redirect tohttps://yourdomain.com.
Option B — Add a Redirect via .htaccess
If you prefer to control the redirect yourself, or if your site uses a custom configuration, you can add the following rules to your .htaccess file, located in your website's root folder (usually public_html).
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]Place these lines at the very top of your .htaccess file, before any existing rules. The 301 redirect tells browsers and search engines that the move to HTTPS is permanent, so your SEO is preserved.
Tip: Always keep a backup of your .htaccess file before editing it. A syntax error in this file can make your site temporarily inaccessible. You can edit or restore it via cPanel → File Manager.
Step 5 — Fix Mixed Content Warnings
After switching to HTTPS, you may still see a warning or a broken padlock in the browser. This is usually caused by mixed content — meaning some resources on your page (images, scripts, stylesheets, or links) are still loading over http:// instead of https://.
- Check your browser's developer tools (press F12 and open the Console tab) to see which resources are loading over HTTP.
- Update any hardcoded
http://links in your content, theme files, or database to usehttps://. - If you use WordPress, a plugin such as Better Search Replace can update all
http://references in your database tohttps://in one step. Also update your WordPress Address and Site Address in Settings → General to usehttps://. - For external resources (scripts or fonts from third-party providers), ensure those providers also support HTTPS — most do.
SSL Renewal — Nothing to Do
Let's Encrypt certificates are valid for 90 days, but AutoSSL renews them automatically well before they expire. You will never receive an expiry warning or need to take any action to renew your certificate. Your site stays secure without any ongoing maintenance on your part.
Troubleshooting
Browser Still Shows "Not Secure" After Certificate Is Issued
- Clear your browser cache and reload the page. Old cached versions of your site may still load over HTTP.
- Confirm that the Force HTTPS Redirect is enabled (see Step 4 above), so visitors are automatically sent to the
https://version. - Check for mixed content warnings using your browser's developer console and fix any HTTP resources (see Step 5).
AutoSSL Is Not Issuing a Certificate for My Domain
| Possible Cause | What to Do |
|---|---|
| Domain nameservers not pointed to Momo Cloud | Update to ns1.momo.tz / ns2.momo.tz at your registrar and wait for DNS propagation (up to 48 hours). |
| DNS not yet fully propagated | Use dnschecker.org to confirm your domain resolves correctly, then run AutoSSL again. |
| Domain recently added to cPanel | Wait a few hours after adding the domain, then run AutoSSL manually from SSL/TLS Status. |
| Subdomain not resolving | Ensure the subdomain has a DNS A record in cPanel → Zone Editor pointing to your hosting IP. |
Certificate Shows as Expired
AutoSSL handles renewals automatically, but if a certificate shows as expired, go to cPanel → SSL/TLS Status and click Run AutoSSL to force an immediate renewal check. If the problem persists, contact the Momo Cloud support team via live chat or a support ticket.
You Are All Set
With AutoSSL, Momo Cloud makes SSL completely effortless — there is nothing to purchase, install by hand, or renew. As long as your domain points to Momo Cloud nameservers (ns1.momo.tz / ns2.momo.tz), your site will be protected automatically. If you run into any issues that the steps above do not resolve, the Momo Cloud support team is available around the clock to help you get your site fully secured.
Was this article helpful?