November 20, 2017 Jonny
Follow me on Twitter

As the rise in SSL usage continues, we thought we’d put together a quick guide on things to check when making the jump.

Let’s jump straight in!

Please note: This guide is for websites using WordPress. Assuming you have a certificate already, and it’s installed on your current web hosting.

  1. Update your site URL
    If you want to use HTTPS everywhere on your site, then you’ll need to update your site URL. You can do this by going to Settings » General and updating both your WordPress and site URL address fields.

    Screenshot of general settings

    Screenshot of general settings

    In some instances, such as updating an existing site, you’ll need to modify your .htaccess file to set up a redirect from HTTP to HTTPS. You can do this by editing/adding the following code snippet in your .htaccess file:

    1
    2
    3
    4
    5
    RewriteEngine On 
    RewriteCond %{HTTP_HOST} ^example\.com [NC]
    RewriteCond %{SERVER_PORT} 80 
    RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

    Don’t forget to replace example.com with your site URL!

  2.  Avoid the Mixed-Content warning
    You may have applied the above, and noticed that on some pages of your website, you’re still not getting the green padlock watb ssl https certificate mexample
    Most of the time, this is due to something called “mixedcontent”. Mixed content occurs when a webpage containing a combination of both secure (HTTPS) and non-secure (HTTP) content is being delivered over SSL. This might be because you’re loading in external content such as a set of fonts, or an image from another website. You’ll need to make sure the paths you’re linking out to in order to load content are using HTTPS in the url.If you feel uneasy about this, fear not! There is a plugin which can handle it for you aptly named SSL insecure content fixer – Always make sure to backup your database, and files before installing plugins.
  3. If you haven’t got an SSL Certificate yet
    You’re in luck, most hosting providers nowadays support the usage of Let’s Encrypt
    lets encrypt logo
    Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).

Want to learn more?

We wrote an article about how WordPress is edging towards requiring HTTPS as standard, and why you should take notice!

Looking for more tips?

Jump on our mailing list & get digital goodness straight to your inbox; including helpful tips, tricks and the latest articles surrounding marketing, web design and branding.

Sign up →