You guys this is an absolute must to change your HTTP to HTTPS. And do it as early as creating your website. That way you don’t have to deal with the hassle of migrating from HTTP to HTTPS. You can even get a free SSL certificate over at InMotion Hosting.
Did you know that beginning July 2018, Chrome will mark all HTTP sites as “not secure”? And that 81 of the top 100 sites on the web use HTTPS by default according to Chrome Security Product Manager, Emily Schechter. See how that can impact your SEO? More and more of your visitors will want to see that they are on a secure site. This has already been a well-known indicator that if you don’t have a lock in from of your domain url that visitors won’t make purchases on your website.
Below I’ll explain three changes that need to be made when migrating from HTTP to HTTPS. If working with WordPress, please see my blog post about how to change your WordPress URL.
301 Redirect HTTP to HTTPS
After you’ve migrated your website from HTTP to HTTPS you’ll notice that you can visit both URLs to reach your site, the old URLs and the new URLs. We need to eliminate this confusion immediately for your site visitors and for Google. And especially for any links you have pointing to your old URLs as this will impact your sites SEO. The last thing we want to do is lose PageRank.
Because you are changing your URL structure you will need to create 301 redirect to your new URLs using HTTPS. According to Google, you will not lose credit for links if you create 301 redirects. Because 301 or 302 redirects do not cause a loss in PageRank. But, this must be done in order to keep those links intact and continue passing on that link juice to your new URL. Just make sure to change your htaccess file to 301 redirect HTTP to HTTPS.
Once you have made that change you should go back to your website for a quick double check. Check to see if when you enter the old URL using HTTP that the new URL with HTTPS appears. If so, then you have successfully migrated from HTTP to HTTPS.
Is your site now secure?
How do you check? To the left of your URL you should see a green lock if using Firefox or Google Chrome browsers. And if using Internet Explorer you should see a lock to the right of your URL. A warning will be placed over the lock if your site is still not secure. It is more than likely that there are images on your website pages and posts that are still using the HTTP URL, this will break the security of your website. Make sure to change all of your images on your website. If using WordPress, the images have already been updated to HTTPS. But you will need to change the links pointing to those images.
A tool I used is called is SSL check over at Jitbit. You’ll either need to Tweet to gain access to this tool. Or simply, say no thanks, I don’t want to tweet. Then enter your root URL with HTTPS and click the check for SSL errors. The tool will crawl your website searching for non-secure images, scripts and CSS files that will trigger a warning message in browsers. If any errors are found, the pages will be listed for you, just click the red question mark to expand the page. More than likely you’ll see unsecure images have been found on your website.
Secure your images
Another way to check for unsecure images, is to open your website using view page source. To do so, right-click on your website and then click on view page source. Perform a search “find on this page” the text “http://” or “http://www if your website begins with www. This method will tell you which images on your page are still unsecure. And will give you an idea as to where to change them on your theme or template. Make all the necessary changes and then check your website again to see if it is now secure.
Update your sitemap
Don’t go and forget this important step. You’ll need to update your website’s sitemap with the new HTTPS URLs. 😀