Websites are a must for successful online marketing and getting customers for your business. In today’s world where security is a major concern, having a website would not suffice. You should have a secure website with HTTPS that maintains the integrity of the customer’s information as well as your business. Google has also started to mark Non-secure” to HTTP sites from July 2018 to make the online world secure and to prevent from online hackers. HTTPS also helps in terms of SEO and to get rank in Google SERP.
If you own an HTTP WordPress website, here’s how you can migrate it to HTTPS and secure the connection step by step:
- Create a backup for your website.
- Install the SSL Certificate.
- Add Https to the WordPress Admin Area.
- Edit the Website Address.
- Revise all the links in your content and templates.
- Apply 301 redirects in .htaccess.
- Test and make the website live.
- Update the site environment.
Let’s see How To Convert HTTP To HTTPS in details
#1 Create A Backup For Your Website
Before moving your HTTP website to HTTPS, create a backup. That’s the key to making major changes to any website without any hassles.
#2 Install The SSL Certificate
After creating a backup, execute your SSL Certificate. Your host determines how convenient or tough it would be for you to do so. In case you have got your SSL Certificate from a third party, just go through the instructions provided by the host and execute the installation. Subsequently, you should make the modifications to the website. Encryption with an SSL Certificate helps you to make the customers trust you and generate better conversion rates. It boosts your search engine ranking by driving more traffic to your website. You will get quality leads as no unauthorized sources will gain access to your website.
Pro-tip: Non-technical professionals can install the plugin Really Simple SSL to make things easier.
#3 Add HTTPS To The WordPress Admin Area
The WordPress dashboard will be the very first point where you will be able to check the HTTPS connection. Once you secure the backend, you can ensure the secure transmission of information between the browser and the server at the time the user signs in.
How to do it?
Open wp-config.php in your WordPress root folder and include the below-mentioned line before the phrase “That’s all, stop editing”.
define(‘FORCE_SSL_ADMIN’, true);
After doing so, you should test whether it works or not. Access your login page after adding HTTPS in the URL – let’s say https://www.mysite.com/wp-admin.
If you have performed all the steps correctly, it will take you to a secure connection. Then, proceed to the next step.
#4 Edit The Website Address
After you have moved the WordPress backend over to HTTPS, carry out the same steps for all the pages of the website. Go to Settings> General and update your website address.
Just include https:// at the beginning of the WordPress address and site address and then save the settings for the changes to work.
Note: You may be asked to log in again.
#5 Revise All The Links In Your Content And Templates
All the links in the content and database that have the old HTTP address need to be changed. You can use a plugin similar to Velvet Blues or the Search and Replace Script. The only thing you should remember is that you should use it in the right way.
Your website will be having links to external websites and assets from the theme templates and other function files that have absolute HTTP links. You should make the necessary amendments to all these links.
Elements to be checked
Images, videos and audios on your site
Web fontspaste
JS and CSS files or assets used within them
Internal links
iFrames
Pro-tip: It is recommended that you change the links to // rather than https://. Doing this will create respective links by itself.
#6 Apply 301 Redirects in .htaccess
Next step will be to set up a redirect so that all the visitors are automatically diverted to the revised secure website. For that,.htaccess is used to achieve redirects. It is an important system file residing on the server. You can generally find it in the WordPress root directory.
This file consists of settings useful for creating suitable permalinks, so it is obvious that your installation comes with it already. You will be able to find it after you enable the FTP client to display the hidden files as .htaccess is not visible in a default setting. In case you do not have it, you only need to make a plain text file with the name .htaccess and upload it to the WordPress root directory. Easy, right?
Next, paste the lines written below.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
Bingo! This ensures that the visitors and Google bots are automatically redirected to the HTTPS version of your WordPress website.
Pro-tip: Check that no page exists in both versions. This can hamper your Search Engine Optimization as Google will not understand which page is to be crawled. It might charge you with duplicate content and that would deter your ranking on search engines.
#7 Test And Make The Website Live
All the important steps are now complete. Before going live, test whether all the pages are working well. Go to www.ssllabs.com/ssltest and submit after inserting your domain name. You will get a general score that will tell you whether you have executed SSL on your website properly or not. Additionally, you will also be able to determine the problems and resolve them.
#8 Update The Site Environment
After completing the test, you should update the sitemap if your SEO plugin does not do it automatically. Go to all the webmaster tools that you use and add the HTTPS version of your website as a new property. Also, upload the new sitemap and update your Content Delivery Network if you are using it. This will reduce the loading time of your website.
Change all the links in the analytics and make sure you restore the social share counts.
Wrapping Up
These steps will help you move your site to HTTPS without any major difficulties. In case you face any hurdles, you should take help of a technical expert who can assist you with successful migration to HTTPS.
Did I missed any step To Convert HTTP To HTTPS? Do tell me by commenting below.