Moving the site to HTTPS, choosing an SLL certificate. Step by step guide

In 2020, the issue of switching to the HTTPS protocol is no longer necessary. This is a mandatory requirement for absolutely all sites. Browsers based on the Chrominium core show users a warning that the site is not secure and they do not risk going to it. The developers have tried to make the message about the unsafe resource repelling users.

But what if your site has been around for a long time and you have read that by switching to a secure certificate, the resource will lose its position in the search results due to link changes? We will talk about this now.

In fact, it’s still pretty and not at all necessary to involve programmers and SEO specialists if you have free time.

We go through the following stages when transferring a site to a secure HTTPS protocol:

1. Site preparation
2. Choosing the right time for the transition
3. Buying an SSL certificate
4. Switching to a secure certificate
5. We inform Yandex and Google about the protocol change

Well, now let’s take a closer look at each of the points.

Preparing your site for the transition

Changing links from absolute to relative.

The first thing we do is change absolute links to relative ones. Absolute links – explicitly indicate the path to the page or file, for example: https://muraha.eu/services/seo-prodvijenie/… A relative link will look like this: / services / seo-prodvijenie /… This is done to ensure that the pages work correctly and it does not matter what protocol a given page uses.

If you have multiple interconnected subdomains of the same site that you translate to HTTPS, this link structure will positively influence search engine indexing and correct user redirection.

Fix media attachments

All media content is also translated to relative links. Check all pages carefully. If the site is small – manually. If there are many pages and content, it is advisable to use scripts.

The browser will let you know if all media have the wrong URL. After going through them, it will display the following message:

Correction of pluggable scripts. fonts and style sheets

You need to change links of the form:

https://muraha.eu/css/main.css

On the:

//css/main.css

If you are using a CMS, for example, WordPress, then there are special PHP code inserts. We will consider the transition to the HTTPS protocol in different CMS in more detail in the next article.

Perform this operation for all scripts, fonts (or they will reset to default) and stylesheets (files .css). If the pages have remarketing codes, various scripts, you just need to replace their addresses with relative addresses with the domain name, but without the HTTP protocol.

Choosing the right time for the transition

By applying all the described recommendations, you will not see significant losses of traffic or positions in search results. However, there is a possibility that a slight decrease in these indicators will still be, but only temporarily, until the search engine accepts the changes on the site.

To avoid this, we recommend two options:

1. Consider purchasing and installing an SSL certificate during the site development phase.
2. Move during low season so that it does not impact or impact sales to a minimum.

Selecting and installing an SSL certificate

SSL certificate is a way to protect personal data on the Internet; it prevents attackers from intercepting user data and using it for their own purposes.

We do not recommend using free SSL certificates. Your users might see a message like this:

There are several types of certifications in terms of price and functionality. If you have a small project, use Domain Validation, it is installed on the domain name and is the most popular. Costs from $ 10.

If you buy a certificate from your hosting provider, make sure they support it. To do this, read his manuals or ask a question in tech support.

Switching to a secure certificate

You can perform the transition itself in the administrative panel of your hoster. In most cases, there are instructions and detailed manuals on how to connect a certificate for a particular hosting.

If you have any difficulties with installing and connecting a certificate, hire a programmer or contact the hosting support for help. Installation takes just a couple of minutes.

In most cases, difficulties should not arise, we use Hosting Ukraine, this process takes on average 10 minutes for them.

You can check the work in the online service, there are many of them. We use SSL Server Test… Also, make sure that the project is accessible at two addresses: http: // and https: //.

Completing the transition from HTTP to HTTPS

The protocol is connected, it remains to configure the site. As a result, all pages should be accessible at addresses with https: //. To do this, we perform the following work:

1. Setting up a page-by-page 301 redirect… Htaccess file to set up 301 redirects (you you can find this file in the root of the site or create it in any text editor). Here’s a generic code that works on most hosts:

RewriteCond %{SERVER_PORT} !^443$ 

Либо такой вариант:

RewriteEngine on

RewriteCond %{ENV:HTTPS} !on

If the code does not work, contact the host support.

2. Setting up robots.txt… For search engines to index pages taking into account the transition to a secure protocol, indicate that the version with HTTPS is the main one. To do this, in the robot.txt file in the host directive, change the link from http: // to https: //.
3. Update the file sitemap.xml. Make sure the so called sitemap contains URLs with https.

4. Check the URL in the rel = “canonical” and rel = “alternate” tags, there should also be relocation links.

5. We inform Yandex and Google about the protocol change. An updated sitemap.xml and robots.txt file must be uploaded to Google. You can inform Yandex about the protocol change, in addition to files here:

This is actually all. Congratulations, your website is safe for users. Hope this article helped you. Share it with your friends and follow our blog.