In its 2014 I/O Conference Google proposed that it plans to make the web a safer place for everyone by making HTTPS a ranking signal for search engine rankings. HTTPS is secured form of HTTP web portals. They are secured with an SSL certificate. The encryption ability of SSL certificates ensures that the data shared between the user browser and the server remains intact and safe.
Ever since Google’s proposal for HTTPS Everywhere as well WordPress decision to make 2017 a year of HTTPS, web admins have been scurrying up to migrate their websites to HTTPS.
The benefits of HTTPS migration are many too. Here are some benefits that will inspire you to make HTTPS a top of the list item for your website:
- It insulates the website from malware injections
- It eliminates the possibility of data interceptions
- It instills confidence in the minds of users
- It helps admins comply with PCI DSS standards
- It helps boost search engine rankings
And, the future is going to be HTTPS Everywhere. You simply cannot stay using HTTP, lest your website will decline in performance forcing your users to go somewhere else.
How to migrate from HTTP to HTTPS?
Migrating a website from HTTP to HTTPS requires a series of manoeuvres in the backend. For a naive user, this can appear to be a maze that is impossible to solve. But, worry not. We have put together this list of things-to-do that will move your website to the safer side of the web without any hassles.
Broadly, these are the steps you have to do to migrate to HTTPS successfully:
- Buy an SSL Certificate
- Update Hard-coded links to HTTPS
- Add 301 Redirects to new HTTPS URLs
- Update new HTTPS links in Robots.txt
- Configure HTTPS changes in CDN
- Update HTTPs links in Google Analytics profile
Buy an SSL Certificate
Buying an SSL certificate is the flag off point to HTTPS migration. Depending on your business needs, you can pick from several types of SSL certificates, including a Domain Validation (DV), Organization Validation (OV) or Extended Validation (EV) SSL certificate.
Each type of SSL certificate has its own varying level of security features.
If you are an online store that transacts banking transactions, it is better to go for an EV SSL certificate. EV SSL certificates are issued after an elaborate process which makes it impossible to replicate by anybody else other than the website owner.
Configure the SSL certificate in your web server. The installation process varies for Apache, NGINX, WHM, Microsoft server panel and other server platforms.
Suggested Read: HTTPS Implementation Mistakes
Update all Hard-coded links to HTTPS
Sometimes to enable specific web functions or for customizations, web developers hard-code links into the server. These links should also be updated in the new HTTPS URL so that the website continues to perform in the same manner it used in the previous HTTP version.
We also recommend using WordPress plugins like Really Simple SSL to do all the work that is needed to update your hard-coded links to the new link.
Add 301 Redirects to new HTTPS URLs
301 Redirects are permanent redirects used to transfer the entire page ranking of a URL to another URL or the redirected page.
When you are implementing HTTPS, the link juice of the previous web page needs to b carried forward to retain your search engine ranking. Adding 301 redirects to the new HTTPS URL helps achieve that. Depending on the number of URLs you have, you can choose to the redirects at a server level or even use a plugin to do it for you.
Update new HTTPS links in Robots.txt
Robots.txt is a file that says search engine bots where to look for information in the website. It weighs heavily in giving your website much search engine ranking. If your Robots.txt file is still pointing to the old HTTP web portal, your search engine ranking post HTTPS migration will be negatively impacted. Hence, the need to update the new HTTPS links in the Robots.txt file to maintain and improve your search engine ranking.
Configure HTTPS changes in CDN
There are three major things that need to be done on the CDN front. First, install the SSL certificate. Second, update the origin URL on CDN.
To update the Origin URL, head to Zones -> Manage -> Edit and change the URL from HTTP to HTTPS.
Third, enable HTTP/2 support on CDN. follow the same path as changing the origin URL. at Edit stage, click on Advanced Features and select ‘Enable’ from the drop down menu and save the changes.
Further, like in the database, if you have done any hard-coding, they should also be redirected to the HTTPS website. This will implement the necessary CDN changes for your HTTPS website.
Update HTTPs links in Google Analytics profile
Google Analytics tells you where your organic and paid traffic is coming from. It shows all your web activity like how many visitors came to your website in a day, how long they spent on each day, goal completions and so on.
If your website links are wrongly updated in Google Analytics, then you might miss on your website’s actual performance.
Luckily, Google makes it easy to update the URL from HTTPS to HTTPS. Head to default URL section and select your website domain for which you want to update. From the drop-down menu select HTTPS and you are done. As simple as that.
Other Minor changes
Other than changing the HTTPS links in Google Analytics, you will have to make other changes to the links given in your third party ad programs like Google Ads, Facebook Ads, Twitter Ads, etc. If you are using any email marketing software like MailChimp, GetResponse, etc. then don’t forget to redirect the links to the HTTPS website. Update links in your social media account too for the HTTPS migration to take complete effect.
Migrating from HTTP to HTTPS is not easy task. Missing to update links or updating the wrong links can make you running in rounds for weeks long. Make sure you follow a proper plan or use a checklist to ensure that all migration tasks are carried out in a straightline manner.