How To Switch Your Blog To Https (7 Easy Ways To Follow)

/ Blogging
How To Switch Your Blog To Https

Do you want to know how to switch your blog to HTTPS? Switching your blog to HTTPS is a straightforward process. 

Get an SSL certificate, install it on your hosting provider, update internal and external links to HTTPS, set up redirect, and BOOM!!! You’ve switched your blog to HTTPS.

Be careful to follow the sequence. Otherwise, something will go wrong, and instead of your blog, you will get an error message or a blank page.

My initial effort trying to switch my blog to HTTPS went wrong. I could remember the day vividly. 

When I started blogging, I didn’t think switching my sites to HTTPS was essential. However, what troubled me more and more was that browsers were beginning to label my blogs as hazardous, which they weren’t. 

But how do people know if the browser notifies them about it?

Safe and hazardous websites have been clearly highlighted in the browser’s address bar for decades. It doesn’t matter if the info is genuinely sensitive or not. 

The browser checks if the site has a security certificate and whether all data is delivered in encrypted form. So what do I have to do to acquire a secure website? How can I switch my website to HTTPS?

I will explain all in detail in this piece.   

What Are HTTPS And SSL, And Why Do I Need Them?

The HTTPS protocol between the client (user) and the server (website) encrypts the transfer of data and certifies the server’s identity.

This implies that when a website is pulled up, a certificate is first transmitted from the server to the client to certify the validity of the server.

Once the client confirms this certificate, it transmits a unique security key (letters, numbers, and characters) to the server. Only then can the encryption take place.

The Internet protocol SSL is utilized for this encryption, which implies that other parties cannot access the data.

If you install WordPress to establish your website, you should ensure a certificate is set up before you install it so you no longer have to do the SSL conversion.

Why Should I Switch A Website To HTTPS?

Google aimed to make the Internet safer and stated a few years ago that SSL would be a ranking element. 

Content that is delivered in encrypted form earns a little advantage. All browsers have now begun to provide a warning for hazardous websites. 

A warning from the browser forces Google to disregard HTTPS, which may entail a loss of Ranking.

With HTTPS, data is delivered in encrypted form. Websites lacking https are classed as insecure. Unencrypted transmitted data may be viewed and intercepted.

 If a user finds a website or blog labeled as hazardous, he will barely deposit his data, even if it is simply to subscribe to a newsletter.

A closed green padlock commonly signifies a secure website.

The Security Certificate

An SSL certificate is needed to switch to HTTPS. This credential is provided by certifying agencies. 

There are certificates with varying security levels and validity. The lowest security level is adequate for basic blogs without a member area. 

These certificates are typically supplied free of charge.

With free certificates, be sure they are issued by a reputable certification body, such as Let’s Encrypt. The SSL certificates may be purchased directly from the certifying authority. 

However, the quickest option is to receive them from your hoster. The certificate is related to a domain and must have the same entry as the associated domain.

  • Websites without a certificate: http://yourdomain
  • Websites with a certificate: https://yourdomain

Depending on the hosting provider, one or more certificates are included in the hosting plan or booked relatively inexpensively.

Why Is HTTPS So Important?

There are various reasons why HTTPS is so important in a blog.

HTTPS is important in blogging for Security

HTTPS encrypts your site. This signifies that the whole communication is safeguarded. This makes it virtually hard for hackers to take data during transmission. 

And that’s quite fantastic since, with HTTPS, nobody can sniff out passwords, credit card numbers, and other sensitive information in transit anymore.

HTTPS is important in blogging for Ranking

Google incorporates HTTPS in your blog’s ranking criteria. Without HTTPS, you will rank lower on Google. In addition, your website loads quicker using HTTPS, significantly enhancing the Ranking.

HTTPS is important in blogging for Browser warnings and trust

Firefox and Chrome warn about HTTP and alert users that HTTP sites are vulnerable.

HTTPS sites, on the other hand, boost confidence in your website. And be aware: More and more people are paying attention to this. An encrypted page verifies that your blog is real.

HTTPS is important in blogging for Speed

By combining SSL with HTTP/2, your WordPress installation will be much quicker, up to 45% even.

HTTPS is important in blogging for Data protection

Due to the General Data Protection Regulation, all personal data (name, e-mail address,…) must be transferred in encrypted form. This applies, in particular, to contact forms and online businesses.

How To Switch Your Blog To HTTPS?

The technique for converting to HTTPS is independent of the host and the specified certificate.

Be careful to follow the sequence. Otherwise, something will go wrong, and instead of your blog, you will get an error message or a blank page.

1. Preparation

Create backup

We’ll start with a small warning:

Before we start with the conversion, you have to back up your website. We will subsequently modify the database that might go wrong (but this tutorial won’t).

Disable caching

If you have a cache plugin enabled, deactivate it. Likewise, if your supplier offers a feature for this might otherwise create complications in rare circumstances.

In Short: In preparation, build a website backup and remove your caching plugin or the cache function at your hoster.

2. Set up an SSL certificate.

First of all, you need to acquire an SSL certificate. Typically, these certificates cost an annual fee beginning at roughly $10. Fortunately, the startup Let’s Encrypt gives free SSL certificates.

As a client of All-Inclusive and many other reputable suppliers, these complimentary certificates are provided. Ensure no additional fees are paid since that doesn’t have to happen today!

Let’s Encrypt the SSL certificate with all-incl

Click on the first icon on the right to update the domain.

Log into the all-inclusive KAS and click “Domain” in the menu. Then you have to click on the edit button on the right side of the domain to be encrypted.

Click on “edit” in the highlighted row.

You will then find yourself on the settings page for this domain. Here you will discover the item “SSL Protection,” which you may use to create other SSL setups. 

Then, you must click the “Let’s Encrypt” tab and follow the dialog.

Set up an SSL certificate with other servers.

Each web server has its method for setting up an SSL certificate. However, the technique is similar to the procedure described above for all-inclusive.

In addition, in most situations, the hoster gives thorough instructions on how to set it up. You can always contact support if this is not the case or if the instructions are unclear enough.

In Short: Activate an SSL certificate for your domain. It is advisable to utilize the free Let’s Encrypt certificate so that there are no additional expenses.

3. Change the WordPress URL

Next, you must inform your WordPress website that it is no longer viewed through HTTP but HTTPS. 

This is quite simple in the admin section by clicking “General” under “Settings.”

You will discover the “WordPress address” and “Website address.” These are now commonly entered with http://. This is precisely what you have to convert to https:// now.

Change the two addresses to https:// instead of http://, as previously

This update guarantees that WordPress changes the URLs in the database to the new location and saves them with HTTPS. However, this only applies to WordPress internal links and select plugins.

In any case, you have to verify manually whether all links have truly been altered appropriately!

In Short: Change WordPress and website address in “Settings” -> “General.” Both addresses must now begin with https://.

4. Resave permalinks

After updating the WordPress and website address, we need now make sure that all permalinks (URLs) are produced appropriately.

This implies that some of your pages may still be kept in WordPress through HTTP. But we will rectify it by preserving the permalinks anew.

Under “Settings,” browse to -> “Permalinks” and click on “Save Changes” at the bottom. You don’t have to set a new tick; save.

This will renew and accurately regenerate all the URLs of your pages, articles, and other page kinds.

In Short: Navigate to Settings -> Permalinks and click Save Changes. This will renew all URLs using HTTPS.

5. Change routes in the database to HTTPS

This is the only genuinely dangerous step in migrating from WordPress to SSL encryption. But you can proceed without anxiety because you prepared a backup in anticipation!

All the old HTTP URLs are updated with the new ones utilizing HTTPS. There are various methods to achieve this.

The simplest technique and with the least chance of mistake works with a plugin. The plugin is Better Search Replace

The free WordPress plugin Better Search Replace makes modifying the previous database paths simple. After you have installed it, you can find it under the menu item “Tools” -> “Better Search Replace.”

The procedure is easily explained:

1. Enter the old URL in the “Search for” section (e.g., https://financebode.com)

2. Enter the new URL under “Replace with” (e.g., https://financebode.com)

3. select all tables in the table selection

4. activate the checkbox at “Test run?”

The result after the test run

Now the plugin will scan your database for the old route without altering it. A result will then be shown in how many table rows it was discovered.

Using this step, you may verify whether any outdated links use HTTP.

If so, uncheck the “Test run?” box, start the search, and replace it again. All routes are then converted to HTTPS.

In Short: Use the free plugin “Better Search Replace” to update the routes in your database from HTTP to HTTPS.

6. Redirect HTTP calls to HTTPS.

Next, we must ensure that hyperlinks to your site and any requests through HTTP are forwarded to the new SSL-encrypted version of your website. We do it using a redirect.

There are three methods to achieve this:

  • Force HTTPS through the hoster
  • Force HTTPS using the .htaccess
  • Force HTTPS with the nginx.conf

Most web providers utilize Apache servers and give the ability in the backend to compel HTTPS. If not, use the .htaccess file.

Force HTTPS through the hoster

With most hosters, while setting up and modifying the SSL certificate, you can select “Enforce SSL” or “Force SSL.” This immediately redirects all calls to HTTPS.

If you have this configuration option with your hoster, you no longer have to change a file.

Force HTTPS using the .htaccess

If your hoster utilizes an Apache server (this is the case with most hosters), you will find the .htaccess file in the main directory (log in through FTP using Filezilla or Cyberduck) of your WordPress installation. 

You can use it to generate a redirect, i.e., a forwarding.

The “.” in front of the name will conceal it in your FTP application; you must enable hidden files to be viewed first.

So open the file and add the following lines:

RewriteEngine On

RewriteCond %{HTTPS} !=on

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

This immediately redirects all calls to your site through HTTP://… to https://….

Force HTTPS with nginx.conf

In this situation, your hoster has Nginx. Conf, in which you may use this code:

if ($scheme = HTTP) {

return 301 https://$server_name$request_uri;

}

In Short: Redirect all calls to the old HTTP site to HTTPS via redirects. Use the settings of your hoster, the .htaccess file (for Apache servers), or the nginx.conf file (for nginx servers).

7. Check your website

You have successfully finished the switch from WordPress to HTTPS!

The encrypted connection is indicated in the address bar with a green lock (Chrome)

To be safe, verify whether everything truly works and is presented appropriately.

Now check the following to know if your blog is in HTTPS:

  • Does the (green) lock display in your browser’s address bar?
  • Are all pictures shown appropriately on your pages?
  • Do the internal connections work?
  • Are there display problems?
  • Can you log into the admin area?

Normally everything should work smoothly. However, warnings may still appear.

Above all, the issue of the non-existent (green) lock happens more often. That’s why I will describe how you may fix the most typical difficulties with SSL conversion.

In Short: Check your website for display difficulties, broken links, and, most importantly, whether the (green) lock is displayed in your browser.

Typical Difficulties, Errors, And Their Solution After Switching To HTTPS

Images are not shown.

This method is only essential if you have issues with the presentation of the photos. For example, if photos are no longer visible.

If so, get onto your web server through FTP (using Filezilla or Cyberduck) and access wp-config.php (you may find it in the WordPress root directory).

There you now insert the following line and modify it to your domain:

define( ‘WP_CONTENT_URL’, ‘https://deine-webseite/wp-content’ );

In certain circumstances, this code already exists. If this is the case for you, verify whether https:// is genuinely contained in the URL instead than http://.

The page is listed as “not secure.”

Your site might get the “not secure” notice in many ways.

For example, you’ll receive this problem with a yellow triangle, red caution next to the website URL, or a full-page “not secured” notice.

In this instance, individual resources are still accessible over the unencrypted HTTP connection. You have to solve this!

We will use a mechanism included in Firefox and Chrome called “Developer Console.”

To enable them, right-click anywhere on your blog and choose Inspect Element (Firefox) or Inspect (Chrome). Click “Console” (Firefox) or “Console” (Chrome) on the top bar of the new window that appears.

In this console, you will now be given resources with faults that are not accessed through HTTPS and are consequently unencrypted. You may distinguish these messages by the opening with “Mixed Content.”

Now all you have to do is look at what resource it is and where you placed it. Once you have discovered it, you must manually change the route from http://… to https://….

Most typically, mixed content reports originate from these resources:

  • VG word compound
  • Images added in page builders or the customizer
  • Externally obtained typefaces, such as Google typefaces
  • Blog platform banners or other externally provided pictures
  • Externally obtained scripts, for example, via social media
  • advertisements

Work your way up resource by resource until you’ve switched all hazardous materials. Your site is only completely secured when the green lock displays in the URL bar.

Where Else Should You Change Your URL After Switching Your Blog To HTTPS

Google Analytics

If you’ve followed my WordPress fundamentals series of articles, you’ve linked your website to Google Analytics. However, because it no longer runs over HTTP but over HTTPS, you should save it that way in Analytics.

Switch to https:// in Google Analytics.

To achieve this, enter your Google Analytics account, browse to “Manage” in the menu, and then click on “Property settings” in the middle column.

The first thing you may do here is specify the “Standard URL.” Click “http://” and switch to “https://.” With a click on the save button at the bottom of the page, the entire thing is already modified.

Google Search Console

Google Search Console doesn’t enable you to modify the URL of your added page. Here can add the SSL-encrypted version of your website as an extra attribute.

This is straightforward. You will just add the HTTPS as a new site the same way you add the HTTP.

Social media channels

Don’t forget to bookmark your new URL on all social media networks. A URL without HTTPS looks unprofessional.

So check all social media channels:

  • Facebook Pages & Facebook Groups
  • Instagram
  • Pinterest
  • LinkedIn
  • Xing
  • Twitter
  • Google MyBusiness
  • YouTube

More places to change

  • Newsletter imprint
  • E-Mail Signature
  • Advertising material (print & web)
  • affiliate networks
  • Merchandise

Conclusion

Switching your blog to HTTPS is not strictly required for those blogs without sensitive data. However, for SEO technical reasons, it is preferable to do so. 

Google strives for a safer internet and “rewards” the converted websites. The users know this by the indication in the browser’s address line. Who loves to give up data from an unsafe connection?

Switching to HTTPS is straightforward if you follow the steps correctly.

FAQ – Frequently Asked Questions   

How can I convert HTTP to HTTPS?

To convert HTTP to HTTPS, you first need an SSL certificate. You may then update the WordPress and website addresses to HTTPS in the general settings of WordPress and then alter all routes in the database.

Is WordPress SSL Encrypted?

If you install WordPress on a domain having SSL encryption, WordPress will be SSL encrypted. If no SSL certificate is kept, WordPress will operate via HTTP after installation, and you must encrypt it using SSL.

Why is my WordPress site not secure?

If your WordPress site is labeled as “not secure,” you either did not save an SSL certificate and converted WordPress to HTTPS, or you have “mixed content” on the website that you need to address.

How do I distinguish HTTPS pages?  

At the top of the address bar (URL bar), whether the website is SSL secured is displayed. You may immediately detect HTTPS by a green lock and the starting characters https:// (instead of http://). There is no secure communication if there is a yellow triangle or a call sign next to the lock.

When is an SSL certificate necessary?

As soon as your website is to load through HTTPS, an SSL certificate is necessary. It guarantees SSL encryption and hence safe delivery of any data.

Related posts:

What to blog aboutWhat to blog about? 32 guaranteed ideas for beginners What is a domain name?What is a Domain Name? and Why Do You Need One? What Is Duplicate Content?What Is Duplicate Content, And How To Avoid It In Your Blog? What Is A Corporate Blog?What Is A Corporate Blog? (What You Should Know)

Subscribe to Our Newsletter

Ready to Make Money Online? Our Financial Newsletter is Here to Help! Get the latest tips, advice, and strategies to help you maximize your earning potential. Sign up now and start growing your wealth!