How to Migrate a Website from HTTP to HTTPS

Before we start, let’s give a disclaimer: If you’re not already somewhat familiar with migrations, this probably isn’t the blog for you. Properly migrating from HTTP to HTTPS can be tricky even for an experienced developer – it requires time (probably more than you assume) and patience.

So, for the small business owner or online entrepreneur reading this blog, unless you want to lose access to your site or have your third party plugins malfunction, your takeaway here is this: get help from someone experienced in this process (because there are a lot of ways to mess it up)!

WHY HTTPS?

Because, Google says so. All joking aside, this transition has been in Google’s sights since early 2014, when they started using HTTPS as a ranking signal for SEO. More recently, though, the bigger motivation is a change in user experience.

As of January 2017, Chrome began indicating connection security with an icon (like above) in the address bar for HTTP pages that collect passwords or credit card information. Eventually, those warnings will become more prominent.

Long story short, Google is actively making the move toward creating a more secure web. So, you best get with the program.

HTTPS MIGRATION CHECKLIST

If you’re one of the people mentioned in the intro paragraphs with “experience in this process,” here is a list to keep you on track with the migration process.

  1. GET YOUR SSL
  2. INSTALL THE SSL CERTIFICATE
  3. DO A FULL BACKUP
  4. CHANGE LINKS TO HTTPS
  5. UPDATE EXTERNAL LINKS
  6. CREATE A 301 REDIRECT
  7. UPDATE URLs IN PPC LANDING PAGES
  8. UPDATE URLs IN EMAIL MARKETING CAMPAIGNS
  9. UPDATE GOOGLE

Google (of course) has also created some best practices to follow. I’m partial to my list, naturally, but as always, Google provides a lot of good insight, including some common mistakes and tips.

Click here to download an even more detailed, pdf version of our HTTPS migration checklist.

And, last but not least – CONGRATULATIONS! If you completed that checklist, your site is now actively using HTTPS, and you are officially projecting a safe, secure presence to your visitors (and search engines). It took some time, and it wasn’t easy, but it was definitely worth it!