Secure your website with HTTPS

Are you ready to migrate to HTTPS?

With just a couple of months to go before HTTP (Hypertext Transfer Protocol) web pages being marked as insecure, are you well prepared to move to HTTPS (Hypertext Transfer Protocol Secure) pages? HTTPS is nothing but the secured version of HTTP protocol. There are a lot many questions hovering around? Why HTTPs? How to migrate? What are its business gains?

The Hypertext Transfer Protocol (HTTP) is an application protocol for communication over distributed, collaborative, and hypermedia information systems. HTTPS (HTTP Secure) is an adaptation of the Hypertext Transfer Protocol (HTTP) for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is encrypted by Transport Layer Security (TLS), or formerly, its predecessor, Secure Sockets Layer (SSL). 

Follow the steps to secure your web pages:

  1. Be Ready

Before taking over the task of conversion from HTTP to HTTPS, it is better to draw a proper plan with proper schedules to make it effective. See if you host provider is ready to deliver you what you need and helps you out in setting up. Plan the set up during the low traffic time on your website. You may need help from developers during the set up, so be prepared. And last but not the least, once you set it up keep observing for any glitch or misses for few days.

  1. Procure a valid SSL certificate

A valid SSL certificate can either be procured from your hosting provider or from SSL Certificate vendors. It is always good to go for these paid certificates instead of using the free ones available online. You never know who has the access to the data having free certificates.

  1. Configure your SSL Certificate

Installing your SSL Certificate depends much on the software you are running. You need to install it on the same server (or with the same private key) that you generated the Certificate signing request.

  1. Change all your hard-coded links and custom libraries to HTTPS

It is development best practice to use relative URLs, but still there are times where hard-coded URLs are used. Update all of them to HTTPS. For custom JS, AJAX libraries which you may be using in your code, migrate them to HTTPS.

  1. Setup 301 redirect from HTTP to HTTPS

For all the traffic from old Google links or dated links on other sites, set up a redirect from HTTP to HTTPS. It can be done easily with a small code change in a global file.  Here is some code to add to the top of your .htaccess file in your root folder:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

  1. Test thoroughly

Test for all the changes made thoroughly in order to be sure end users are not affected in any way by the migration.

It is always better to be safe and secure than regret later. Still it is not too late, start migrating to HTTPS and your business will be more secured.

SSL

Leave a Reply

Your email address will not be published. Required fields are marked *