Moving your website from HTTP to HTTPS hold the key to the better performance of your website, faster access, and enhanced customer experience. Recently, Google has been pushing for use of HTTPS because it is safer and builds reliability. However, many are the people who have been asking about the right process to follow when moving a website from HTTP to HTTPS. This article is step by step on how to migrate your website from HTTP to HTTPS.
- 1 Crucial benefits of migrating from HTTP to HTTPS
- 1.1 Step 1: Buy an SSL certificate and install it
- 1.2 Step 2: Update your hard-coded links to HTTPS
- 1.3 Step 3: Update the website AJAX libraries, and JS to HTTPS
- 1.4 Step 4: Include 301 redirects to the new HTTPs
- 1.5 Step 5: Update the robots.txt file and install SSL Certificate on CDN
- 1.6 Step 6: Update all original URL on CDN
- 1.7 Step 7: Ensure to enable HTTP/2 CDN support
- 1.8 Step 8: Update all your Hard-coded CDN Links to new HTTPS
- 1.9 Step 9: Google Search Console fetch and sitemaps
- 1.10 Step 10: Resubmit Disavow File
- 1.11 Step 11: Update Google Analytics
- 1.12 Step 12: Additional Updates
- 1.13 Conclusion
Crucial benefits of migrating from HTTP to HTTPS
- Better performance: Websites on HTTPS can perform 50-70% better when compared to others on HTTP.
- Raising SEO ranking by search engines especially Google.
- Improved referral data especially in marketing.
- Higher security through encrypted files, data and web content.
- Enhanced trust and credibility.
Step 1: Buy an SSL certificate and install it
To start the migration process, you will require an SSL certificate. These are small data files that help in binding keys to business details. After installation, the certificate helps to activate HTTPS protocol so that all connections between a browser and server are secure. Types of SSL Certificates include;
- Domain Validation.
- Business validation.
- Extended validation.
Then, install the SSL certificate on your website and test it using SSL Labs Server Test or SSL Certificate Check.
While many web developers know it is better to apply URLS, some still retain hard-coded URL. It is, therefore, crucial to carry all the information when migrating from HTTP to HTTPS. To easily do this, consider using Database search and replace script in PHP tool developed by Interconnect. Though it can also be done manually, the number of tables and sheets are very many and could result in errors. Remember to keep some backup as a precautionary measure.
This update helps to update all entries you have in the database including posts, canonical tags, hard-coded links, and WordPress site URL.
For those uncomfortable with making changes, it is advisable to consider using the Really Simple SSL Plugin that has over 20,000 installs.
- The plugin addresses issues WordPress has with SSL like load balancer.
- Changes site URL to https.
- Insecure content in your site is replaced with independent protocol type without making changes to the database.
Step 3: Update the website AJAX libraries, and JS to HTTPS
It is important to update all custom scripts to ensure that they point to new HTTPS. This will include all third party scripts so that mixed warming signals are avoided.
Make sure to scan all the website content to identify content that is insecure. You can do this with SSL Check Tool that helps to scan the website and notify you of all the non-secure content.
Step 4: Include 301 redirects to the new HTTPs
This is perhaps the most critical of all the steps when migrating from HTTP to HTTPS. 301 redirects are perpetual redirects that move between 90-99% of link content for a redirected page. If this is not redirected, your SEO ranking will be hurt so much and could result in a sudden drop from SERPs within hours.
When making a bulk migration, using the plugin is not recommended. The best way to do it is implementing 301 redirects right at the server level.
Step 5: Update the robots.txt file and install SSL Certificate on CDN
If there is robots.txt still pointing to HTTP, update them at this stage. Then, install the SSL certificate on CDN. Many providers have customized SSL or shared option.
Enable shared SSL: This is free in many CDN companies and comes with easy to follow step.
- Visit and click zones in your CDN dashboard
- Click manage and edit
- Follow show advanced features
- Then, under “SSL”, enable shared [this will help to redirect all HTTP requests on CDN to HTTPS and ensure that 301 implements are moved perpetually.
- Enable free custom SSL using lets encrypt: Lets Encrypt is used by some CDN companies to allow people enable their SSL free on any custom zone.
- Enabling custom SSL: For developers enabling customized SSL, a different certificate from the one bought from a domain company will be required.
Step 6: Update all original URL on CDN
To update all original URL on your CDN;
- Visit zones on CDN dashboard
- Select Manage button and then edit
- Under the original URL, edit to read HTTPS from HTTP and click save
Step 7: Ensure to enable HTTP/2 CDN support
- Visit zones on CDN dashboard
- Click manage and select edit
- On options part, select to show advanced features
- Check ‘enabled,’ then ‘save’ to so that your zone is enabled by default.
Step 8: Update all your Hard-coded CDN Links to new HTTPS
Just like you updated the domain links, it is also crucial that any hard-coded CDN link is updated.
To easily do this, use Database search and replace script in PHP tool developed by Interconnect. Remember to keep some back-up as a precautionary measure.
This update helps to update all entries in the CDN servers including posts, canonical tags, hard-coded links, and WordPress site URL.
Step 9: Google Search Console fetch and sitemaps
Because the site is now updated and running on HTTPS, create a profile on Google Search Console. You can do this by clicking “Add property” and follow the claiming procedure.
Though sitemaps are not needed to make Google move through your site, they are very helpful when debugging issues related to indexes. If using Yandex Webmaster Tools, the same steps used in Google should be followed. However, or those using Bing Webmaster Tools, simply resubmit the HTTPS sitemaps.
To have things progressing faster, it is advisable to conduct a fetch and crawl on the new HTTPS.
- Submit homepage by hitting fetch and select “SUBMIT TO INDEX.”
- Click crawl URL and direct links. If there are very important pages, it is also crucial to submit them individually for faster re-crawling.
Step 10: Resubmit Disavow File
This step is very crucial, but many people end up forgetting it. For those who have at some time suffered negative SEO, there is a likelihood they create and provided a disavow file. Since a Google Search Console profile is already created in the previous step, make sure to resubmit the Disavow file. If you fail to, the chances are that when Google algorithm comes across your content, there might be some serious issues.
On the previous Google Search Console profile, reach to Google Disavow tool, download the file and re-launch under HTTPS. Ensure the process is completed well by getting a confirmation message.
Step 11: Update Google Analytics
To update this, visit your account, navigate to admin and view settings. Flip down the URL and select HTTPS version that allows you to keep all the history so that you able to proceed from where you left.
Step 12: Additional Updates
After completing the migration from HTTP to HTTPS successfully, the following updates are very important.
- Update the canonical tags so that they can point to the new HTTPS.
- Make sure that third party PPC URLS such as FB Ads, Bing Ads, and AdWords).
- Update all your email marketing software URL such as Aweber, MailChimp, and GetResponse.
- Update all the social media links for your website such as LinkedIn, Google Plus, Twitter, and Facebook.
- Migrate your social share counts and update backlinks and external links
To migrate from HTTP to HTTPS is a lengthy process that requires concentration and focus on details. However, by following the outlined tools, you will be able to have the new version, raise visibility, better customer experience, and conversions. More importantly, you will be able to enjoy elevated security for your database, information, and website.