Migrating website from http to https

March 25, 2017

I have recently migrated my website from http to https( secure http). All the non-secure HTTP requests are now redirected to HTTPS. On migrating the Site I faced many problems and learnt a lot. So here’s the list of steps to perform in making the web more secure :

Selecting SSL Provider :

The first step is deciding your SSL provider. Many SSL Providers are present in the market like Comodo, Symentac, Verizon, Namecheap etc. They all charge a lot of money but also provide Extended Validation, means not only secure but also proves your legal identity as “operational and physical presence of website owner“.

For normal use you just need a Domain level Certificate. From Namecheap you can buy an SSL certificate in 600₹ for 1 year(Single Domain). For EV Certificate(Extended Validation) it’s good to buy a Certificate, but for Domain level I suggest you to use Let’s Encrypt. Let’s Encrypt is Free! and it is free because of it’s Sponsers like Google, Facebook, Mozilla, Automattic etc. So I am going with Let’s Encrypt.

Installing SSL Certificate :

Installing SSL Certificate is an easy task if your Hosting Provider support Let’s Encrypt. You can check the name of your hosting provider on the list. For non-supporting hosting providers we have certbot. You have to select your software and system. While Installing do redirect all of your traffic to https permanently. It’s an essential step because now you have two versions of your site.

Installing SSL Certificate Successfully v2
Likes and Shares are set to zero!

How to get back all of your likes, you can use plugins like Warefare Plugin(expansive) of do it manually :

  • Changing .htaccess : In Facebook’s documentation they give a solution, to redirect Facebook’s crawler to the old URL. I’ve found a solution in Stack Overflow. You have to add FaceBot to the exception list of redirection. You can find your .htaccess file in your document root. CertBot uses the virtual host method instead. Both do the same thing but .htaccess method is less preferred.

  • Point og:url meta tag to old url : If you are using any kind of SEO tool or creating meta tags your self you have to change all the og:url tag to the http version again.

    So if you are using Jetpack SEO tool then Jeremy Herve created a gist for you. I am using Yoast SEO. I’ve created a small plugin for changing links in Yoast SEO.

  • Scraping : By doing both steps above you don’t get back your likes instantly but after 30 days. Facebook crawls each url after every 30 days of sharing the link. So my first step was going to open graph debug tools and fetch new info for every URL. But the problem was, many sites are too large that fetching each link is not possible.

    For overcoming this problem, I researched on “How to scrap links by script”. I’ve found a solution in Stack Overflow and tweaked it a bit with file operations. You have to make a list of your URLs in a file and pass through the script. Use your Website Sitemaps for getting all the links of your Web Site.

External Links :

Any external links to your previous http links will take your SEO juice away, So it’s good to change them all.

If you are using Google Webmaster tools, add new urls with https. Don’t delete previous urls. Submit sitemaps, and request indexing.

Facebook page and Google Analytics is the another place you want to change the link to your site.

Update! HTTPS is faster protocol then HTTP if you upgrade your apache to HTTP/2. For comparing these two go to httpvshttps .


Thanks for reading if you have any comments or feedback you can reach out to me on twitter.

Up Next