menu
8 Steps to maneuver Your WordPress Site to HTTPS
8 Steps to maneuver Your WordPress Site to HTTPS
All right, now we are becoming to the meat and potatoes of this article: the way to move your site from HTTP to HTTPS. we'll take this step by step to form sure you'll follow along without a drag .

8 Steps to maneuver Your WordPress Site to HTTPS

All right, now we are becoming to the meat and potatoes of this article: the way to move your site from HTTP to HTTPS. we'll take this step by step to form sure you'll follow along without a drag . in any case – we care about your site’s security as well!

1. Back-Up Your Website

Whenever making major changes to your site, you ought to always back it up first. That way, just in case something goes wrong (not that we expect it) you'll return to the working version.

As this case is not any different, backing up your website is your first task. Even better – if you've got the likelihood, run through the method below on a test server first, not only your live site.

2. Implement Your SSL Certificate

The first thing we'll do is get ourselves an SSL certificate. How easy or complicated this process is, depends largely on your host.

For example, while researching this guide, we acknowledged that our current host doesn't support Let’s Encrypt and doesn’t plan on doing so. Needless to mention, we are within the process of switching. Hopefully, your’s maybe a bit more forward-thinking, as the businesses on this list.

The optimal scenario is that your host offers a choice to move your site to HTTPS right within the management dashboard. for instance, to modify your site to Let’s Encrypt in cPanel, you'll follow these instructions. Find equivalent steps for Plesk here.

For everyone else, there's Certbot. If you've got administrative shell access on your server, you'll simply select the sort of web server and OS you're using. then, the location will tell you ways to implement Let’s Encrypt on your server.

If you get your SSL certificate from a special source, follow the instructions of your hosting provider to implement the switch (that’s also the rationale why turning to them within the first place isn't a nasty idea).

Once that's done, you would like to start out making the required changes to your WordPress website. this is often what we'll mention next. If you are feeling that the below is just too technical, you'll also give the plugin Really Simple SSL a try. It takes care of most of the work described next.

3. Add HTTPS to the WordPress Admin Area

The first place where you'll get to enjoy the new safe connection is that the WordPress dashboard. By securing the rear end first, you create sure that whenever a user logs in, their information is exchanged securely.

To do so, open up-config.php in your WordPress root folder and add the subsequent line somewhere before where it says That’s all, stop editing!.

define('FORCE_SSL_ADMIN', true);

Once you've got updated the file, it’s time to check if it works. For that, attempt to access your login page with HTTPS within the URL, for instance via https://yoursite.com/wp-admin. If everything worked correctly, you ought to have a secure connection now. Then continue.

4. Update the location Address

After moving the WordPress backend over to HTTPS, it’s time to try to an equivalent for the rest of your site. you'll do this by updating your site address under Settings > General.

move your website to https change WordPress settings

Add https:// to the start of both the WordPress address and site address. Then update your settings by saving. remember that you simply might get to log in again afterward.

5. Change Links in Your Content and Templates

Now it’s time to update any links in your content and database that include the old HTTP protocol. A plugin like Velvet Blues or the Search and Replace script can help thereupon. However, be careful! If handled incorrectly, they will also screw up your site. Good thing you made that backup earlier, right?

If you've got links to external resources and assets in your theme templates and performance files with absolute HTTP links, it’s important to correct these, too. Things to consider:

6. Implement 301 Redirects in .htaccess

The next step in moving your site to HTTPS is fixing a redirect that sends visitors automatically over to the secure version. For that, we'll use .htaccess. this is often the name of a crucial system file on your server (usually within the WordPress root directory).

It usually contains settings for using pretty permalinks, so your installation probably already has one. to seek out it, confirm to permit your FTP client to point out hidden files because .htaccess is invisible by default. If you don’t have one, just create a clear document, rename it to .htaccess and upload it to the WordPress root directory.

7. Test and Go Live

Ok, now that we are through with the most steps, it’s time to check if everything works correctly. For that, head on over to SSL Test. Insert your name and click on Submit. this may offer you an overall score of how well you implemented SSL on your site and details to seek out potential issues so as to repair them.

After that, crawl your site with a tool like SSL Check. That way, you'll catch any leftover links that you simply forgot. If everything fine, it’s time to travel live. Well done! Now you simply got to update some peripheries.

8. Update Your Site Environment

Add site to your webmaster tools — attend every webmaster tool you're using and add the HTTPS version of your site as replacement property. While you're there, upload the new sitemap. you would possibly also consider doing a fetch and crawl and submit any disavow files that are already active for the old version of your site.

Update your CDN — If you're employing a content delivery network (one of the ways to hurry up your site), you furthermore may get to switch it to SSL. Many of them have that feature built-in and your CDN should have documentation on this. Otherwise, ask their support to assist you.