Quick Tips for Moving Your Site to Always On SSL

AOSSL Always on SSL
AOSSL Always on SSL

As you probably know, Google is now using whether or not you have SSL enabled on a page of your website as a ranking factor. While it’s an admittedly small boost at this point, the amount it affects your ranking may increase over time. This is why we’ve put together a quick How-To Guide for moving your website to AOSSL (Always On SSL).

HTTPS Site Migrations Made Easy
Changing an entire website can be a time consuming task – especially if you have a large website that gets a lot of traffic. To help keep the peace between your marketing and development departments, we’re going to go over some of the “best practices” you should keep in mind when migrating your site from HTTP to HTTPS.

Setting up Site-Wide SSL

Here’s a quick rundown of the process of setting up SSL on your website(s).

  1. Determine if you already have a certificate or not – and if so, what type
  2. Choose the type of SSL certificate you’re going to need – find a list here
  3. Create a Certificate Signing Request (CSR) with a Certificate Authority
  4. Pay for the SSL certificate
  5. Install the certificate on your server
  6. Migrate your website to use HTTPS (we’ll go into this more below)

As you can see, the basic process of setting up SSL isn’t too difficult.

 

Tips for Site Migration to SSL

Next, we’re going to go over some tips to keep in mind when you’re setting up your website to use SSL / TLS.

  • Use Relative URLs – Using relative URLs (without the http:// and domain name) is a good web design practice in general, but when it comes to using SSL, you want to make sure you don’t have any hardcoded links to HTTP URLs anywhere.
  • Move All Resources to SSL – This includes your CSS files, javascript files and everything else. This may require going through your HTML code (or template files) to ensure that all links are using HTTPS rather than HTTP. Find and replace can he helpful with this, but you should be careful.
  • Set-up 301 Redirects – After you’ve gone through all your pages to make sure no links are still using HTTP, you should also setup 301 redirects that send everything from port 80 (HTTP) to port 443 (HTTPS). This is really simple to do on Apache web servers by setting up rules in the .htaccess file.
  • Use Google Webmaster Tools – While Google requires HTTP and HTTPS sites to be separate on their Webmaster Tools site, you want to make sure you have both entered. This will allow you to keep an extra eye during the transition to make sure no problems are happening.
  • HTTP Strict Transport Security (HSTS) – Making sure your web server supports HSTS is important. This ensures that browsers only request the HTTPS versions even if someone types in HTTP. Also, it helps Google understand that your entire site is now using SSL / TLS.

By following the advice and tips above, you shouldn’t have any trouble migrating your entire site to HTTPS. However, once you’re done, you want to make sure you check your work. Many online tools are available that will help ensure that your SSL certificate is installed and working correctly.

If you have any advice for anyone migrating a site to HTTPS, leave a comment below and share your knowledge with the rest of us. You can also leave a comment if you have any questions. In general, we love hearing from all of our readers.