How to Fix Secure Connection Error in WordPress

Does the message “Unable to establish secure connection” error keeps popping up on your screen whenever you try to update a plugin or theme on your WordPress site? This WordPress error is quite common and can keep you from installing or updating themes or plugins on your WordPress website. In this article, I will write about this error and how you can fix the secure connection errors in WordPress.

What is a Secure Connection Error in WordPress?

The Secure connection error in WordPress is an error message that pops up on your screen whenever you are trying to update or install a plugin or theme on your WordPress website preventing you from making any installation or update.

This is the error message you will receive for a secure connection error in WordPress:

An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums. (WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.) in /home/username/public_html/wp-admin/includes/update.php on line 122

This error message gives you a clue of what went wrong, but it doesn’t tell you how you can fix the error.

Now we know what the secure connection error means, let’s ‌look at the cause of the error.

What are the causes of the Secure connection Error in WordPress?

  • Your server is badly configured. One of the reasons you are getting this error message may be because your web server is badly configured, resulting in it being unable to WordPress.org.
  • Your website is under strain because of heavy resources or traffic. Having a low resource space can be bad especially if your site is getting heavy traffic. If you’re using shared hosting for your site, this could be your dilemma. Shared hosting comes with limited resource space, so if your site has a lot of traffic it can strain the web server’s resources resulting in a secure connection error.
  • Badly configured firewall. Firewalls are installed on websites to protect them from malicious attacks. The problem comes when these firewalls are badly configured; they become too protective. These firewalls may prevent you from performing changes like the installation or updating of plugins or themes in your WordPress website. They could block entire ports, disabling the ones needed by your website. All this can cause you to get a secure connection error in WordPress.

How to Fix Secure Connection Error in WordPress

Check if your web server is under a DDoS attack

If your web server is getting a secure connection error, there are chances that your website is under a DDoS attack. These can cause every connection you attempt to establish with WordPress.org to timeout, thus causing a secure connection error.

The issue mostly gets resolved on its own, so give it a few minutes then retry the connection. If you cannot create a connection, ‌contact your web hosting provider for help.

Check for DNS issues

If your website is hosted on cloud or VPS, then it’s possible the reason you are getting this secure connection error may be because of DNS issues. These can be the reason your web server cannot connect with WordPress.org.

To fix this issue, connect to your web server using Secure Shell Access (SSH). SSH is an encrypted protocol that lets you get secure access to your web server and perform changes to your file using command-line tools.

If you’re using Windows, you will need a tool called PuTTy to gain this access. For Mac and Linux users, you can use the terminal app.

Once you have installed PuTTy into your Windows, run the tool and select SSH as your Connection Type. In Hostname enter the address provided to you by your web host. Enter all the required login credentials, if you are sure of what to do, you can contact your web host for assistance.

Once you’re logged into the terminal, enter the following commands to connect the terminal to your server:


[email protected]

Replace the username and domain with your own username and domain name. 

Once you are connected, run the following command to go to the Hosts file:

sudo nano /etc/hosts

This allows you to access the host’s file using nano editor. Now add the following code to the bottom of the file. api.wordpress.org

The aim of the code in the host file is to map WordPress.org to the correct IP address. When you are done, save the changes and exit. Go back to your website and check if the error has been resolved.

Check if the cURL Extension is Enabled for PHP

WordPress relies a lot on PHP for its functionality. This can be an issue if you don’t have the right version installed. If you are hosting your WordPress website on your computer, there are chances ‌you don’t have the cURL extension enabled for PHP.

The cURL extension is a PHP extension that allows your WordPress website to connect to WordPress.org to access updates. This extension is required for downloads or updates of plugins or themes from the official repository.

You can find this file extension in the PHP folder of your WAMP, Mamp, or Xampp folder.

Connect to your server using SSH, then enter the following command:

sudo nano /etc/php.ini

If you’re using Windows, look for the following line of code within the file:


For Mac and Linux users, look for the following lines:


If you can’t find them, ‌add them. Don’t forget to remove the semicolon, now save the changes to your php.ini file, and reload your server.

Check if the right ports are open on your firewall

If your cURL extension is properly installed, then the secure connection error is probably caused by your firewall blocking ports required for connection with WordPress.org.

If there’s a firewall installed on your web server, ‌check to ensure it isn’t blocking any of the necessary ports. You can also check if the firewall installed on your device is also blocking the connection.

If you are using Windows, click on start and run a search for Windows Firewall. For Mac users, go to System Preference > Security & Privacy to configure your firewall.

Add Apache to the list of programs that your firewall should allow for both incoming and outgoing connections. 

You can also contact your web host to check if the source of the secure connection error is from Firewall.

Leave a Reply