Upgrading To HTTPS And SSL And Why You Need To Do It

HTTPS And SSL

Without HTTPS and SSL, your site will be labeled as not secure.

This is not good for your PR for your site.

Whether you like it or not, technology moves forward rapidly every day.

So what are SSL and HTTPS?

Upgrade to HTTPS

It is impossible to keep up with every little change.

But updating to HTTPS (HyperText Transfer Protocol Secure) and SSL (Secure Sockets Layer) is now a must.

If you stay with an old HyperText Transfer Protocol (HTTP) site, your site will soon be labeled by most browsers as being an insecure website.

In other words, this will indicate that your site is not trustworthy, which won’t go down at all well with your site’s visitors.

Very soon, most browsers will label all HTTP sites with a prominent ‘Not Secure‘ warning.

Here is the Google Chrome Not Secure warning.

This website is not secure warning - Chrome Browser

If you don’t know what all these acronyms mean, you can read a good basic explanation on Wikipedia.

It will not be an issue for those authors and self-publishers who use free blogging platforms such as Blogger, WordPress.com, Weebly, or Wix.

All of these services are HTTPS and SSL secured.

But it is becoming a pressing issue for authors with websites and blogs that are self-hosted.

The future of the Internet is all about secure connections, encrypted communication, and protection of sensitive information and user data.

Google has made it clear that it wants sites to be HTTPS and SSL secure by giving secured sites a ranking factor preference in Google Search Console.

After updating all my sites to HTTPS, I have seen a 15% jump in site traffic.

So taking the time to establish a secure connection to my site is well worthwhile.

 

What do you need to do to get HTTPS and SSL on your site?

Changing your website or blog from HTTP to HTTPS versions is relatively simple.

You can do a search on Google for this information, and you will get hundreds of advice articles such as this one to guide you through the process.

But basically, you can most probably obtain a free SSL certificate from your website or blog hosting service, and then apply it to your site.

Let’s Encrypt is one of the most popular SSL certificates, and it satisfies all the necessities.

It’s straightforward to install. On most hosts, it’s only a matter of a couple of clicks to change to HTTPS sites.

Once you make the change on your hosting provider, you will have a secure HTTPS and SSL certified site. It will be recognized in all modern browsers as safe and secure.

You will see a padlock icon in front of your URL, and in most browsers, there will be a green, secure label telling visitors that your site is safe to visit.

 

Great. All done!

But, hold on a minute because there is one BIG problem.

Most of the advice articles I read before changing all my sites over to HTTPS and SSL made it sound so simple.

And it was. My sites were HTTPS, and SSL secured in minutes on all web browsers.

But only a few articles mentioned the one big problem this change creates.

 

You must add a redirect

Changing from HTTP to HTTPS and SSL changes your site’s URL.

Because of this, your HTTP URL will no longer work.

So all the internal and external links to your site will become dead links.

This is very bad news because all the work you have done in promoting and linking your website or blog will now lead to a page not found 404 error.

 

The solution

If you know how to edit your .htaccess file on your web server host’s Cpanel, you can add a permanent 301 redirection to make all the pages and posts from your old HTTP address automatically redirect to your new HTTPS address.

Use the following code but exclude the ‘RewriteEngine on‘ if it already exists, and replace ‘yoursite.com‘ with your site address.

# BEGIN Permanent redirect of old URLs
<IfModule mod_rewrite.c>

RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule (.*) https://yoursite.com/$1 [R=301,L]

</IfModule>

Now every page will link immediately to the corresponding page of your new site.

If you don’t know or are not sure how to edit your .htaccess file, get someone who knows how to do it to help you.

Making even a small mistake in editing your .htaccess file can lead to your site going down.

Once the redirect is working, all the old links leading to your site will find the new HTTPS connections.

However, it is good practice to update your website address on your social media profiles, even if only to show people that you have a secure site.

If you use Google Analytics, you will need to go to Admin > Property Settings and change your site to HTTPS.

No other action is needed, and all your analytics data will be retained from your old address.

For Google Search Console you need to create a site move. You can read about changing from HTTP to HTTPS in this Google FAQ.

You will need to create a new property and wait for Google to crawl your new site. It can take about two weeks, so be patient.

If you use WordPress, you can also make sure all your pages are redirected correctly with a simple SSL secure content plugin.

 

Summary

If you have the know-how, there’s no reason not to upgrade your website or blog to HTTPS with an SSL certificate.

The benefits of site security for your website visitors and a small boost in traffic from Google and Bing search engines will be worth the investment of an hour of your time.

For those who don’t have the skills, contact your hosting service and ask if they can help you upgrade your site.

Some hosts offer a free SSL certificate.

If it can’t, find a friend with the expertise or engage the services of a website developer.

Because it takes only a half an hour or so to change a site to HTTPS, it shouldn’t break your bank to pay for the upgrade.

HTTPS is now the standard, so if your site is still on HTTP, you will need to think about upgrading quite soon.

Derek Haines

A Cambridge CELTA English teacher and author with a passion for writing and all forms of publishing. My days are spent teaching English and writing, as well as testing and taming new technology.

3 thoughts on “Upgrading To HTTPS And SSL And Why You Need To Do It

  • August 27, 2018 at 11:44 pm
    Permalink

    How much did it cost you to obtain the certificate required to convert to https? My host will do the whole thing for $285. When I looked at doing it myself, getting the certificate alone was nearly $200.

    There are some freebie services but I don’t know how trustworthy they are, or if it even matters. :/

    Reply
    • August 28, 2018 at 6:51 am
      Permalink

      I used a free Let’s Encrypt certificate through my host and it works fine.

      Reply
  • May 23, 2017 at 11:49 pm
    Permalink

    Hi some hosting companies won’t allow let’s encrypt certs as they have arrangement with another supplier such as Thorpe. I wonder if could just allow my humble WordPress site be managed by Cloud flare which will handle the SSL as well.

    Reply

Add Your Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.