Beginnersblog.org header & footer final logo
Search
Close this search box.

Beginner's Guide To Start A Blog

Redirect http to https

In full transparency – some of the links on this page are affiliate links, if you use them to make a purchase I will earn a little commission at no additional cost to you. It helps me create valuable content for you and also helps me keep this blog up and running. (Your support will be appreciated!)

In this guide, you will learn how to redirect HTTP to HTTPS on your WordPress site. For your convenience, I will explain each step and answer the questions you are about to ask. So stay with me till the end.

Let’s get started…

1. Contact Your Hosting Provider

This is the easiest way to implement HTTPS. All you have to do is contact your hosting provider.

Almost every popular hosting company offers SSL. You can either buy a premium SSL or get a free SSL from your hosting.

Many hosting companies like Bluehost, Hostgator, and Dreamhost offer you a free let’s encrypt SSL certificate.

You can start a live conversation with customer support and ask them to install free SSL on your server.

Once they install SSL on your server, you can ask them to change the site URL, complete additional steps such as 301 redirections and testing.

Everything is done from the main side of your website. The remaining things such as updating the sitemap, changing the external linking, and adding a new property to the search console will be done manually.

You have successfully redirected HTTP to HTTPS.

Note: If you are running your online e-commerce business, do not use free SSL.

This is that you can redirect HTTP to HTTPS without too many headaches.

Another way to go from HTTP to HTTPS is by “following these steps”

Redirect HTTP To HTTPS In WordPress: 11 Easy Steps To Follow [Advanced Guide]

QUESTIONS


In this section, you’ll get the answers to the questions.

These are the questions that you might ask before or after redirecting HTTP to HTTPS.

Let’s begin…

 

1. Should I redirect HTTP to HTTPS?

The quick answer is YES.

In fact, Google encourages webmasters to move to the secure HTTPS protocol.

HTTPS prevents abuse of your site. This protects the privacy and security of your readers. “

Apart from this, it also helps in improving your search visibility and ranking.

Now I don’t think you should make more excuses for not using HTTPS.

 

2. What do I need to know before moving from HTTP to HTTPS?

The first thing you should know is what type of SSL should you buy? ‘

As I already told you, it all depends on the type of your site.

If you are a blogger like me, you better use ‘domain verification SSL’. And you can get this SSL type for free from popular hosting companies.

But if you are running a business or e-commerce website, it is better that you go with the highly secure SSL available on DigiCert, COMODO, or GlobalSign.

Note: – BlogSpot users do not require any HTTPS. There is an option within the setting where they can enable the HTTPS protocol for free.

 

3. IS HTTPS a total solution to website security?

Many novice bloggers think HTTPS is a total security solution, but they are wrong.

Because HTTPS only encrypts your data communication between browser and website. This makes online transactions risk-free and protects buyers from any data breaches.

But it does not protect your site from malicious and DDOS attacks. Your website is still at risk of being hacked.

So do not put your blog or website at risk. I suggest that you use a website security service to protect your database and web server.

As a WordPress user, you can go with Sukuri, Wordfence, or Sitelock to protect your site.

This means you need both HTTPS and website security services for total security.

Also, read: –

 

4. How much traffic I will lose after moving from HTTP to HTTPS?

However, Google confirms that HTTPS migration does not affect traffic. But it brings traffic fluctuations.

And you may lose 30 to 70% of traffic temporarily. This means that if you are getting 100 visitors every day, then after migration, you will get only 30 to 70 visitors and this will continue for 2-3 months.

But you do not have to worry about traffic because if you have followed the right direction you will get it back as soon as possible.

See my report below… (Traffic loss)

Google analytics traffic report after redirecting HTTP to HTTPS

I agree that HTTP to HTTPS redirection still affects traffic, but at the same time, it improves bounce rates and rankings.

 

5. What kind of errors can I get while moving from HTTP to HTTP in WordPress?

The most common error is the ‘mixed content error’ that you may encounter while migrating.

Mixed content is when your assets/resources on pages load over HTTP instead of HTTPS.

It occurs because of improper HTTPS redirection. And in this case, some of your page resources (like media, scripts, or CSS) are not redirected to HTTPS properly.

However, the ‘really simple SSL’ plugin fixes this error automatically. But if you’re still getting the error, then no problem you can fix it manually.

For fixing, first, check your WordPress Address and Site Address. You can find these options in General under settings.

If both addresses are correct, then it’s time to replace all old HTTP URLs in your WordPress database with HTTPS.

You can use the “better search replace plugin” to quickly change URLs.

First, install and activate the plugin.

After activating, open the plugin.

Here you’re asked for two things. The first one is ‘search for’ and the second is ‘replace with’.

Enter the old URL (http://yourdomain.com) in the ‘search for’ field.

Next, enter ‘https://yourdomain.com’ in the ‘replace with’ field. Now click the ‘run a search/replace’ button and you’re all set.

The plugin has successfully replaced all HTTP with HTTPS.

 

6. Check Robots.txt File

The Robots.txt file plays an important role in instructing Google bots. One simple mistake can block your site to be crawled.

You can add your new sitemap URL to the robot.txt file so that Google bots can know the exact location of your new sitemap.

Sitemap: https://beginnersblog.org/post-sitemap.xml

Make sure you check your sitemap URL first and then add it to the robots.txt file as your sitemap will be different from mine.

Sitemap: https://your-sitemap-url/sitemap.xml

Let’s have a look at my robots.txt file…

Robots.txt file after redirecting HTTP to HTTPS

I have answered 6 questions related to the HTTPS migration process. If you have further questions, you can leave a comment and I will do my best to give you a solution.

Now let’s get started…

STEP 1. Take a full backup of your existing website


The first step is to take a complete backup of your website. However, it will not play any role in the migration process but it is necessary to have a backup.

Because it helps to bring your site back if something goes wrong. You can backup from cPanel or using the WordPress plugin.

I use the ‘UpdateraftPlus Backup plugin’. With this, you can backup manually anytime.

Or you can go with a premium version for auto backup.

To take a backup, go to the UpdaterafPlus icon at the top header of the WordPress dashboard.

UpdrafPlus WordPress plugin

And click on the / Backups / Restore ‘option. After that, you will be redirected to the main backup dashboard.

Take backup of your website

Now, press the ‘Backup Now’ button. As you click it, the plugin starts collecting the data from your server and create separate zip files.

Once the process is finished, you’ll see five separate files. Click each of these files and download them to your computer.

  • Database file
  • Plugins
  • Themes
  • Uploads
  • Others

website backup files

Note: Make sure you don’t click the ‘delete files from your web server’ button.

Download backup files to your system

Backup files

Finally, you have taken the full backup of your website and now you can move to the next step…

 

STEP 2: Purchase an SSL certificate and install it on your server


To add an SSL certificate, first of all, you need to buy one.

There are many third-party SSL provider companies where you can purchase SSL at very reasonable prices.

It costs you $ 30 to $ 200 per year.

But before you buy it, make sure you choose a suitable SSL for your website.

How do you know which SSL is best for your website?

It depends on what kind of website you are running. I mean this is an informative blog or e-commerce website.

If you are running an informational blog, then the Domain Verification SSL type is the best option for you.

But if you have an e-commerce business website that deals with online transactions, then you need a highly secure SSL type.

In this case, you can go with COMODO instant SSL pro, Geo-Trust, or Global-Sign SSL certificate. These are reliable SSL and protect the buyer from all types of transaction breeches.

For bloggers, domain verification SSL is the best option, as it is cheaper than other SSL types.

You can get one for free from your hosting provider. In fact, I am also using Let’s Encrypt Free SSL.

And the good thing is that it is now available on all popular hosting companies…

  • HostGator
  • BlueHost
  • DreamHost
  • Kinsta
  • WP Engine
  • A2 Hosting
  • FlyWheel
  • SiteGround

However, you can purchase SSL from your hosting provider. I am using HostGator and it offers both free and premium SSL.

Just go to cPanel and buy SSL from there. You can also buy from third-party SSL provider companies such as DigiCert, COMODO, or GlobalSign.

Once you purchase SSL, it is time to ask the hosting provider to install SSL on your server.

 

STEP. 3: Install ‘really simple SSL’ plugin


Now that you have installed SSL on your server, the time has come to integrate SSL into your WordPress website.

Really Simple SSL is a free plugin that helps you configure SSL in just one click.

This plugin automatically detects SSL and fixes mixed content issues. If you are not having any problems, you are good to go

This replaces all HTTP with HTTPS, so you do not need to change them manually.

Next, you can test your site to see if it is redirected to HTTPS.

Once this is completed, you are ready to move on to the next step.

 

Step 4: Change both site address and WordPress address


However, the really simple SSL plugin automatically changes both the site address and the WordPress address.

But if you are getting an error, make sure you check these options in the general settings and replace HTTP with HTTPS.

See the screenshots below…

Change site address and wordpress address

Screenshot of WordPress and site URL

 

Step 5: Add 301 Redirection


You don’t want to lose your ranking, do you?

Whenever you make major changes to your website, you get to see traffic fluctuations.

And if you redirect HTTP to HTTPS then it also affects your blog traffic.

And if you don’t do 301 redirections, you will keep losing traffic. Because Google considers HTTPS a separate entity.

301 redirection tells Google that the corresponding URL is permanently redirected to HTTPS. And all the old content has now been moved to the new HTTPS version.

Remember, even if you redirect 301, you will still see traffic fluctuations. But after a few days, Google starts re-indexing your site and you will get your traffic back.

Now the question comes … how do you add 301 redirects?

Being a WordPress user, you can use the WordPress plugin. But I recommend you use the .htaccess file to add 301 redirections.

Step by step process to add 301 redirection to your WordPress site using a .htaccess file

  • First, log in to your hosting cPanel.
  • Go to file manager

hostgator cPanel file manager

  • Choose your directory and enable the ‘show hidden files (dotfiles)’ option.

Where can I find .htaccess file

  • Once you get the .htaccess file, paste the code given below on top of the file.

.htaccess file

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

 

Click the Save Change button and check for changes in redirection to see if it is working properly.

Once done, you’re all set. You have successfully redirected HTTP to HTTPS.

NOTE: Be careful while editing the .htaccess file because a small mistake can make your site inaccessible and it gives you an internal server error.

I recommend you download a copy of the .htaccess file on your computer in case something goes wrong.

Step 6: Update internal links in your content


Internal linking is a great way to inter-connect your articles. This helps readers learn more and reduce bounce rate.

As I told you ‘really simple SSL’ converts all HTTP to HTTPS. But you can still check your internal linking and update them if there are some.

 

Step 7: Add HTTPS version of your site to Google Search Console


It is really important to let Google know that you have now come to the HTTPS version.

To do this, you will need to add 2 more properties to your Search Console account.

The first one is: – https://yourdomain.com

And the second one is: –https://www.yourdomain.com

I hope you know how to add property. If you do not, enter the ‘Search Console’ dashboard. In the top left corner, you will see your existing property.

Beginnersblog.org site property

Now click the dropdown arrow. At the end of the dropdown, you’ll see the ‘Add property’ option.

Just click it and add your domain with HTTPS (https://yourdomain.com). Make sure you do it again to add https://www.yourdomain.com.

After verifying, you’ll see all different versions of your web properties.

  1. http://yourdomain.com
  2. http://www.yourdomain.com
  3. https://yourdomain.com
  4. https://www.yourdomain.com

You’ve almost done. The final thing to do is, submit your sitemap to the search console.

 

Step 8: Update your XML sitemap with HTTPS


It helps Google to the index HTTPS version of your domain faster than usual.

Before submitting a sitemap, create a sitemap containing the URL containing HTTPS.

If you don’t know how to do this, no worries, WordPress has made it easy for you.

The Yoast SEO plugin users have nothing to do as all URLs have already been replaced with HTTPS.

All you have to do is browse the HTTPS version of your sitemap by typing “https://yourdomain.com /post-sitemap.xml” (the URL is valid only for the Yoast SEO plugin users).

If you are getting all the URLs with HTTPS then you can copy this URL (https://yourdomain.com /post-sitemap.xml) and submit it to Google Search Console.

Congratulations !!! You have successfully redirected HTTP to HTTPS.

It was all about how you can redirect HTTP to HTTPS.

Now let’s discuss some additional things that you need to do after migrating from HTTP to HTTPS.

 

ADDITIONAL STEPS

STEP 9. Change your CDN URL


To be on the safe side, I would advise you to change the CDN URL.

Otherwise, your CDN server will not provide immediate results for your readers. The only way to fix the problem is to replace your CDN URL with SSL-CDN-URL.

If you do not know how to do this, do not worry here is everything you need to follow.

(Note: – Process is valid for MAXCDN users)

  1. First of all, login to the MAXCDN account
  2. Go to settings and click SSL corresponding to your domain’s pull zone.

Set SSL with MAXCDN

  1. Next, enable SSL for preferred hosting server (shared or dedicated hosting)

 How to enable SSL with MAXCDN

Enable SSL for shared hosting server

If you are using other CDN services, make sure you check their documentation or contact customer support and ask “How do I enable SSL?”.

 

STEP 10. Update Social Media profiles


Submitting XML Sitemaps in the Search Console helps Google to quickly index your HTTPS version and updating your social media profile also improves search visibility.

Change not only the social media profile but also the question-and-answer forum profile. Because these are your backlinks that Google will have to consider sooner than later.

 

STEP 11. Add HTTPS property to Google analytics


With the correct approach to this migration process, it is also important to add the HTTPS version of your domain name to your Google Analytics account.

Because with analytics, you can track your site performance, traffic, bounce rate, and real-time statistics.

And it is important to measure the performance of your site after redirecting HTTP to HTTPS.

To add the HTTPS version, you must log in to your Analytics account.

Once you are in, click on this gear icon shown below.

Analytics admin settings

After clicking, you’ll see this admin interface…

How to update HTTPS version to Google analytics

Next, go to the mid-section and click on the Property Settings option.

Here you see the default URL section. Click on the dropdown and choose HTTPS and save the changes.

Google analytics property settings

Within 24 hours, Google Analytics will start collecting data from the HTTPS version of your site. Congratulations! You have successfully migrated from HTTP to HTTPS.

 

CONCLUSION


Now I would like to hear from you…

Are you going to use this guide to redirect HTTP to HTTPS? I did my best and I hope you now have enough knowledge to go one step further.

If you haven’t moved yet due to fear, I suggest you take your time reading this guide and I’m sure you can do it.

If you have further issues, ask me in the comments section. I will reply to you soon afterward.

Love this guide? Then don’t forget to share it with others on social media platforms.

The "Ultimate Blogging Toolkit" is a FREE ebook contains a list of 100+ tools that pro bloggers and affiliate marketers use to grow their blogs or websites.

More AI Writing Tools (Editor's Choice)

Featured

frase-io logo

Frase.io

With Frase.io, you can produce long-form content within an hour. It comes with all essential tools and features that can help you with researching, briefing/outlining, writing, and optimising. Best for bloggers, Freelancers, editors, and Writers.

All In One

Jasper.ai

Jasper helps you write an in-depth article, create a high converting ad copy for your marketing campaign, and generate product descriptions in minutes. Just give a little context to Jasper and its AI will do the rest. The only downside is that it's quite expensive

80+ AI Templates

writesonic logo

Writesonic

Writesonic claims to be the world’s most powerful AI content generator tool which can write 1500 words in 15 seconds. From students to freelancers to bloggers to marketers, anyone can create high quality content with Writesonic.

Beginner friendly

rytr.me logo

Rytr.me

Rytr is powered by state-of-the-art language AI which is capable of creating high-end unique content in minutes. It collects content from around the web, synthesis it with its own knowledge, and creates unique content for the client.

Picture of Shailesh Shakya
Shailesh Shakya

I'm a Professional blogger, Pinterest Influencer, and Affiliate Marketer. I've been blogging since 2017 and helping over 20,000 Readers with blogging, make money online and other similar kinds of stuff. Find me on Pinterest, LinkedIn and Twitter!

Leave a Comment

Your email address will not be published. Required fields are marked *