It all started in 2014 when Matt Cutts (former head of the web spam team at Google) announced that HTTPS is now a light ranking signal for Google search rankings. Since that time, there have been numerous data points that have shown that the usage of HTTPS has increased over time.
Well, you see the graph going up because Google has already announced that they’re going to use it as a permanent ranking signal. Although, it does not carry a lot of weight so far (it’s still a lightweight indicator), yet considering the utility, as a site owner you need to plan for HTTPS. There is a good chance that Google might increase the impact of the signal over time.
What do they mean?
Well, there is no need to understand the technical definitions behind these terms anyway. In simpler terms, HTTPS is just a secured version of HTTP. It is something that e-commerce sites started using just to add one layer of security. I’m sure you’ve already noticed a padlock icon at the top of the browser. That is a sign of a HTTPS website. It actually means the site is secure.
In a way, HTTPS is not a completely separate protocol. It is in fact using an simple HTTP over an encrypted SSL connection. Again, SSL is nothing but a protocol that offers secure connections for transmitting files.
All you need to know is this:
HTTP is insecure and is subject to security breaches while HTTPS is designed in a way to keep these malicious elements away from the website.
Why should you use HTTPS?
If looking to take your online business seriously, you need to have a website with HTTPS as it is the best way to protect and defend against identity theft.
It also adds an extra layer of confidence among your customers. In fact, these terms are popular now and many customers are not looking to do any business with a site without these technologies.
How do you move from HTTP to HTTPS?
Let’s assume that you have already installed WordPress for your website. Now the next step is to add the SSL certificate. You need to first procure an SSL certificate for your domain. Then you need to install it on the server and have to change the site permalinks from HTTP to HTTPS.
Note: The SSL certificates are further categorized into 3 categories
- Domain level validation is the most basic type of SSL.
- Organization validated certificates provide a high level of security and is generally good for businesses.
- Extended validation is really the top-of-the-line stuff which provides the highest degree of security and the certifying authority usually conducts in-depth research of your business before they issue the certificate.
Step I – How do you activate the SSL certificate?
It’s a straightforward process.
- Log into your cPanel account and navigate to SSL manager.
- You can click on the link certificate signing request (CSR).
- Fill out the name of the domain, click generate, and you will see a domain encoded CSR generated. It looks like a code.
- Now you need to go directly to the SSL provider, enter this code, and click on the next button for approval.
- In the last step you need to submit the personal details. Once you have an approval email with you, there would be instructions that you have to follow to validate your domain.
Now that the validation process is complete. The SSL is already issued and you will receive an email shortly.
The next step is to get this SSL and install it on your server. It’s really good if you have a dedicated IP for your website. There are several advantages a dedicated IP address offers, however it is not mandatory. Almost every cPanel hosting supports SNI (server name indication) which is a replacement for a dedicated IP address. Basically, it allows the server to present multiple certificates on one IP address. Hence it can allow multiple secure HTTPS websites. From here on, it’s an easy procedure to activate the SSL for your site.
Step III – Configuring WordPress for SSL/HTTPS
Go to Settings>>General to update your site URL fields. The URL’s must be changed to https://yoursite.com
The next step is to set up the WordPress SSL redirect from HTTP to HTTPS (only if you’re adding SSL to your existing site). You can do all of this by adding a simple code in your .htaccess file.
Note: Please change the yoursite.com with your own site URL.
And if you’d like to add SSL and HTTPS on your login pages, configure SSL in wp-config.php file. Add the following code in your wp-config.php file.
Step IV – Let Google know about these changes
Also, you need to inform Google, by re-adding your site to the Webmaster tools. Just ensure that this time it starts with https://. This is important because you want to inform Google about the change in your URL.
That’s it. We have highlighted the major steps for the process that should help move all your site URL’s on SSL (Migration from HTTP to HTTPS).
There are many advantages for going through this tough procedure. Other than being a SEO ranking factor, it gives you peace of mind by adding layers of security. Consider this, if you’re site is not running over HTTPS connection, every time you enter your username and password, they are sent like simple text all across the internet. That’s really unsafe especially for sites dealing in financial information.
If you are looking to be authoritative in your niche and looking to present yourself as a trustworthy website, switching to HTTPS is a must. It is a natural step for a serious business owner.
Well, this was a basic tutorial about how to shift from HTTP to HTTPS. I believe we’ve covered all the major points. Still, the process can seem too much for a regular non technical site owner. Must agree, sometimes the whole process can get really overwhelming. If you face any kind of trouble while going through the migration, do let me know in the comments, and I’ll be happy to answer them for you.
Best of luck.