HTTPS is always an advantage. Most of the website owners realize the benefits that it brings with it, which is why it is almost imperative to move to an HTTPS website. But some website owners feel that the move can be a tedious process and they simply do not want to go through the hassles. There are few who even feel intimidated by the idea of moving from HTTP to HTTPS. Let us find out more about the process and how you can make the switch.
Before making the switch, make sure you check the documentation for HTTPS with your server or CDN. While they shouldn’t ideally be a whole lot of problem, it is always better to know what is required beforehand. Better preparation will help you switch more easily and seamlessly.
Buy an SSL Certificate
SSL certificates are responsible for activating the HTTPS protocol on your website. These small data files ensure that a secure connection is established between your website and the server. If you were to search online, you will find a number of SSL certificate vendors. The level of security depends on the type of certificate you purchase.
Depending on the certificate you choose, you will notice either a green padlock or your website’s name in green.
Install the Certificate
Once you have made your purchase, you will have to install the certificate on your web server so that your website can switch to HTTPS. The entire process will depend on your hosting environment and your server setup. This process is usually well-documented so you wouldn’t have to worry about support for it.
Update the following:
- All references to internal links so that they use HTTPS
- All references in templates must use HTTPS
- Canonical tags are usually updated by CMS, but check to make sure that it is done effectively
- Hreflang tags, OG tags and any other tags used by your website. CMS usually updates it automatically but it is always better to check.
- All plugins, modules and add-ons should be secure as well. Remember to check all of them to avoid insecure content.
- The robots.txt file to include your new sitemap. All blocking rules or hard-coded links which were in the file that pointed to HTTP directories or files must be updated.
- The sitemaps so that they use the HTTPS URLs.
Crawl the Website
It is important to check if you have missed on a link or if you have a broken link. Any content that is not secured yet must be taken care of. Depending on the web crawler you are using, you may be able to export insecure content
Many website owners tend to avoid moving to HTTPS because they are afraid that the website ranking will drop. By enabling HSTS, the browser knows that it has to use HTTPS. This eradicates a server-side check that you may have to otherwise conduct. It also helps in loading the website more quickly.
Enable OCSP Stapling
By doing so, you will be able to enable the server to confirm if a security certificate has been revoked. This helps in keeping the browser from downloading or cross-referencing with the authority that issued the certificate.
- Add Support for HTTP/2 on CDN by going to Zones in your keyCDN dashboard.
- Update Search Engine Versions of Webmaster Tools
Now that your website has an HTTPS version, this must be added to the search engine versions of the Webmaster Tools which are used by you. This is an important step to ensure that your website continues to run smoothly once the migration is complete.
You will be required to update the Disavow file if you have had one for the HTTPS version. This is an important step which may bear serious repercussions if it was not updated. Remember to use the Google Disavow tool and resubmit your file under your new HTTPS website.
URL parameter settings
If you had configured the URL parameter settings for your website, then you must remember to update this too. So that the content on your website is secure.
Update Google Analytics Profile URL
If you do not want to lose your history from the HTTP version of your website, then remember to go to the Google Analytics Website’s URL and go to Admin to change the URL to the HTTPS version.
Other Miscellaneous Updates
Other updates that you must consider during the process of migration are:
- Third party PPC URLs. These will include AdWords, Bing Ads and FB Ads.
- Remember to update all e-mail marketing software URLs so that they use the HTTPS version of your website.
- All social media platforms must have the HTTPS version of your website as well. So check Facebook, Twitter, Google+, LinkedIn and any other social media sites that you use to ensure that the new version of your website is updated on them.
- Go as far as you can to update the external links and backlinks to your website. This will help your website’s ranking.
Migrate Social Media Share Counts
If you use social media buttons on your website then you must synchronize the share counts, posts and comments for the HTTP and HTTPS version of your website. Not doing so can lead to duplication of data. Many plugins identify the two versions as two separate pages. Since you would want your website to show the same data no matter which protocol is used, it is important to synchronize the two. Depending on the plugin you use, you may have to follow different steps, but essentially you have to get the HTTP version of the current page and this URL to the plugin so that it treats both versions as the same.
This is the last step in completing your migration from HTTP to HTTPS. Every step requires you to be attentive so that you do not miss out on certain links or updates. Since HTTPS is here to stay, it is better to do this now than continue to use the unsecure HTTP protocol.