Kudos on choosing WordPress for powering your website!! I’m sure you must be having a great time managing your WordPress website. If Google’s recent announcement pertaining to use of HTTPS as the ‘ranking signal’ has motivated you to make a switch from HTTP to HTTPS then you’ve landed at the right place.
This is a tutorial which will aid you in understanding the key difference between SSL/HTTP and HTTPS along with a refined technique of migrating your WordPress website from insecure HTTP communications protocol to highly secure HTTPS.
Wondering as to how a switch from HTTP to HTTPS will enhance your website’s security and seo-ranking, read on…..
Unlike the traditional security technology i.e. SSL(Secure Sockets Layer)/HTTP, HTTPS is specially designed for utmost data security over unencrypted networks such as Wi-fi. HTTPS is basically a URI(Uniform Resource Identifier) scheme which comprises of a syntax which is exactly similar to the one available in the standard HTTP scheme. Once you’ve chosen to serve your WordPress website content via HTTPS, you rest assured that all the user data would be safely defended against any sort of identity theft. With HTTPS signaling your web browser to add a new encryption layer of SSL, you can ensure complete data security for your website.
Talking about the SEO of a WordPress website, post migration from HTTP to HTTPS, it certainly works as a magic wand. There is no penalty involved with migration of a WordPress website from conventional HTTP to HTTPS, provided the process is being executed appropriately.
Switching From SS-Protected WordPress Website To HTTPS-Enriched WordPress Website:
In this tutorial, I’m considering the example of a WordPress website which is available on a shared-hosting server. Before proceeding ahead with the migration of WP website from HTTP to HTTPS, do ensure that SSL/TLS has been activated for your shared hosting. You can check the activated/deactivated status of your SSL/TLS by simply logging in to the cPanel where you can find a SSL/TLS Manager option available under the ‘Security’ widget as shown in the below screen-shot:
If the SSL/TLS hasn’t been activated, contact your hosting service provider rightaway.
Stepwise Approach For Migrating WordPress Site From HTTP To HTTPS:
The method of switching WordPress HTTP site to HTTPS includes three steps viz: getting and activating the SSL certificate for your website domain, installing the SSL certificate on the server and finally modifying the website permalinks from http to https. Let’s take a closer look at these three steps:
Step 1:) Get And Activate The SSL Certificate:
Well, there are ample number of companies out there selling SSL certificates for WordPress powered websites. Some popular ones include: Media Temple, Comodo, SSLs.com, GoDaddy and Namecheap. There are a number of factors affecting the selection of an SSL Certificate viz: whether the certificate needs to include the company’s name? Whether the certificate needs to be issues immediately? Whether you are interested in securing multiple host names via a single SSL certificate etc.
In this tutorial, I’ve purchased an SSL certificate from Namecheap. Next, we need to activate the SSL certificate. This will be done using the steps explained below:
- Obtain the CSR(Certificate and Signing Request) code from the hosting company- For this, simply login to your shared hosting cPanel account and go to SSL/TLS Manager. Next, click on the link below ‘CSR(Certificate Signing Requests) and after filling out the form for domain on which you intend to create the SSL, click on the ‘Generate’ button. Screen-shot for this is shown below:
- Next, go to the SSL/TLS Manager section and enter the above generated CSR code into the text area field. For the ‘Select web server’ field, select the web server on which your host is operating currently(here, I have chosen cPanel because I’m running on host on it) and click on ‘Next’ button. Screen-shot for this step is shown below:
- On the proceeding page, you’ll be required to enter the CSR details in addition to choosing an approval email as shown in below screen-shot:
Once you’re done with providing the desired details, click on ‘Next’ button to submit the Digital Certificate Order. After successful submission of the order, you’ll receive an approval email wherein you’ll be expected to follow some instructions for validating your domain. With successful completion of domain validation process, the SSL certificate would be sent to your email address.
Step 2:) Install The SSL Certificate On Your Server:
Although it is more advantageous to assign a dedicated IP address to the cPanel account for installing the SSL Certificate, if you can’t afford one, then you can simply opt for the SNI(Server Name Indication) extension that allows your server to support multiple HTTPS websites. In this tutorial, the shared hosting that I’m using for my WordPress site supports SNI so I’m opting for the same. Just follow the below steps to proceed ahead with installation of SSL certificate:
- Go to cPanel-> SSL/TLS Manager and click on the ‘Upload’ link available under ‘Certificates (CRT)’ label.
- Firstly, upload the certificate(with extension as .crt) using the file-upload control or you may even copy paste the certificate in the provided text-area. Finally, click on the ‘Upload Certificate’ button as shown in below screen-shot:
- Next, in order to activate the SSL Certificate for your site, simply click on ‘Manage SSL Sites’ link provided beneath the ‘Install and Manage SSL for your site(HTTPs)’ text. On the page displayed thereafter you’ll be required to select your domain, click on ‘Autofill by Domain’ button and lastly click on ‘Install Certificate’ button. The screen for this would look like:
Step 3:) Change Website Permalinks From HTTP To HTTPS:
For this, simply login to your WordPress website’s admin dashboard and go to Settings-> General. Here, check out whether the WordPress Address URL and the Site Address(URL) contains https or not. If any of the URLs lack https, just add an ‘S’ after http and save the changes. Moreover, if you have chosen a CDN(Content Delivery Network) for serving your website content such as images, CSS style sheet etc, then make sure all the URLs include https or else the web browser would regard your site as insecure.
Now that you’re done with moving your WordPress website from HTTP to HTTPS, just ensure to follow the last two steps viz: setting up a 301 permanent redirect and informing Google about the URL change for your WP site.
Here’s hoping by now you’d have got all geared up for moving your WP site from HTTP to HTTPS. So, what’s keeping you waiting? Go ahead and follow the steps mentioned in this tutorial to make your site more trustworthy among targeted audiences.