Are you willing to migrate your WordPress website from HTTP to HTTPS and make it fully secure? This guide will show you how to easily move your WordPress website from HTTP to https with zero coding experience.
Starting from July 2018, Google started making websites without SSL certificate insecure. Generally, a website which is not fully HTTPS will show not secure on the browser bar as shown in the image below.
Another blow to websites which are not fully HTTPS is that, as soon as you start typing on any form element, the title bar will show a strong warning, which might frighten your users. See the image below
Under this article, we are going to show you how to easily convert your website from HTTP to HTTPS by installing a valid SSL certificate.
Also Read: How to Properly place google ads on WordPress website
Why Switch HTTP to HTTPS and SSL Certificate?
As we had said earlier in this article, Google announced a strategy to improve website security by encouraging website owners to switch from HTTP to HTTPS. This includes marking all insecure websites as not secure.
Google also said that all websites with SSL certificate will see a huge boost in SEO and better ranking. Since this announcement, a lot of website owners have switched from HTTP to HTTPS. This should be a sufficient reason to switch your website to HTTPS.
Also if you want to accept payments on your website through the integration of various payment methods, then you will require an SSL certificate. Some payment companies like PayPal and Stripe, require that you have SSL certificate installed on your website.
Requirements for using SSL on a WordPress Website
You need to purchase an SSL Certificate, of which you might have it for free. These days, most websites offer free SSL certificate to encourage users to register a domain with them.
See a guide on how to get an SSL certificate for your website.
If your website does not offer free SSL certificate, you will be required to purchase a new one before making your site fully secure
Migrating WordPress website from HTTP to HTTPS
After installing an SSL certificate, you will need to set your website to use HTTPS. There are various ways to make your WordPress website secure. First, we don’t encourage users to use plugins. Under this article, we will teach you how to manually set HTTPS on your website
Following are steps on how to switch your WordPress website from HTTP to HTTPS
First, you will need to visit Settings > General from your WordPress dashboard. From here, you will need to update your WordPress Address (URL) and Site Address (URL) and replace HTTP with HTTPS.
Please do not forget to click save button to save changes
After saving your changes, WordPress will log you out and you will be required to re-login.
Next, you will need to set up WordPress redirects from HTTP to HTTPS by adding the following code on the .httaccess file
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
By doing this, you will enable your entire website to load using HTTPS
If you would like to force SSL certificate on your wp-admin, you will be required to add the following code into wp-config.php file above “That’s all, stop editing!”
define('FORCE_SSL_ADMIN', true);
This line allows WordPress to load using HTTPS on the WordPress admin area
After this, your website will be fully HTTPS but you might encounter mixed content errors
These errors are caused by images, scripts, and stylesheets that are still loading using an insecure HTTP protocol. In this case, you will not be able to see the green padlock on the title bar of the browser.
Fixing Mixed Content on The WordPress
The final stage is to set up your images, scripts, and style-sheets to load using a secured HTTPS protocol.
You can easily do this by installing the Better Search Replace plugin.
Upon activating the plugin, you will need to visit Tools > Better Search Replace. Under the search field, you will be required to add your website URL with HTTP, after that, add your website URL with HTTPS on the replace field.
After that, make sure you select all your database tables. You can do that by pressing control and clicking a specific table or press Ctrl + A to select all the tables
Lastly, uncheck the ‘Run as Dry Run’ checkBox, then click ‘Run Search/ Replace’ button.
WordPress will search for URLs containing HTTP and will be replaced with secure HTTPS URLs in your entire database. This action may take a while depending on your database size
Submit your HTTPS Website to Google Search Console
Lastly, you will need to submit your HTTPS website to google search console. Google Search Console treats HTTP and HTTPS websites as two different websites.
Also, make sure you submit your HTTPS sitemap to google search console under HTTPS website property. On Google search console, select HTTPS website property, click on sitemaps and submit your sitemap to Google Search Console.
That’s how to make your website fully HTTPS