Business, Web Hosting Tips, Website Hosting, Website Security, WordPress and WooCommerce

How to Enable HTTPS on Your Website Server and Redirect from HTTP

Website Security

Nowadays, HTTPS is a must, not only for transferring any sensitive data of any kind over a secure connection, but now it’s even affecting your SEO and ranking in search engines. Enabling HTTPS isn’t a difficult task, though it is time consuming and it’s recommended that only experienced website administrators, or at least people who know how to utilize an .htaccess file on their hosting, be the ones to enable it.

Why Modern Websites Need HTTPS / SSL Security

Also known as SSL (secure socket layers), HTTPS allows you to encrypt data transferring to and from your server, keeping personal information safe and secure from hackers (side note, WebScorch has this very thing enabled across all pages and media site-wide).

Consumers are becoming more aware of the importance of secure data transfer, and they often look for the green lock that appears in their browser on HTTPS-enabled websites. In addition, modern browsers such as Microsoft Edge and Mozilla Firefox will alert users (usually near the address bar) when they are transferring data over an insecure HTTP connection. This will likely cause you to lose visitors and business.

As mentioned, having HTTPS is important for ranking at the very top of search results. Google and Bing both already have SSL recommendations added into their search algorithms. This means an SSL certificate is now needed on each and every website or blog. If your website or blog doesn’t have an SSL certificate in place, now is the time to obtain an SSL certificate and enable HTTPS.

Follow these 5 Steps to Enable HTTPS on Your Hosting Server

1. Host Your Website With a Web Host Offering a Dedicated IP Address

The first step is to ensure that you’re hosting with a dedicated IP address. Fortunately, if you’re hosting your site on WebScorch, many plans don’t require a separate dedicated IP purchase since they already come with one.

However, if you’re hosting with another provider or your plan doesn’t include a dedicated IP address, you can purchase a dedicated IP here. In many cases, this requires you upgrade to a VPS or dedicated server.

Alternatively, you can upgrade to a plan that includes dedicated IP and SSL, such as our WordPress Ultimate or our Business Hosting plans

2. Buy an SSL certificate

Once you have a dedicated IP address, you’ll need to purchase your SSL certificate. This certificate essentially identifies your website to users of the web. SSL certificates utilize a string of numbers and letters that you install on your server. When people visit your site through the HTTPS address, the password is checked, verifying that your website is what it says.

The certificate is used to encrypt all data that flows to and from the server where the certificate is installed.This SSL certificate must be purchased from a trusted retailer that is a Certificate Authority (CA).

They store a copy of the certificate password in your database, and that’s cross-referenced by incoming web traffic to ensure that your web address is connected to the correct server.

3. Redeem SSL Certificate

Next, you’ll need to redeem the certificate. To do this, log in to your WebScorch account, and click SSL Certificates. Next to the SSL certificate, click Set Up. Refresh the page to see a New Certificate. If you don’t see it, wait a few minutes and try again.

Once you see a New Certificate, next to it click Manage. Next, choose the domain hosted in your account, if the certificate is with WebScorch. If it’s hosted with another company, click Provide a CSR.

If you have a Standard Issuance Certificate, click Request Certificate. Otherwise, click Next, and then complete the required information on the next page. This information is needed so that WebScorch can verify that you control the common name associated with the certificate.

Once you’ve submitted this information, it takes between one and seven days to validate and verify your certificate request. During this time you might be asked for further information.

4. Install SSL Certificate

You’re almost there. This next step is the easiest step by far. All you have to do is download the certificate and install it on your server.

If your website is hosted with WebScorch and you’re using cPanel hosting, you can install it through your cPanel. Look for the button under SSL/TLS that allows you to Install an SSL Certificate.

Now, you only need to paste the certificate into the box, and then submit the form. With that, you’re on to the fifth and final step, configuring your website to render and work in HTTPS.

5. Configure Your Site to Enable HTTPS

It’s important to wait a few minutes after completing Step 4 before you proceed further to allow the certificate to propagate. Once you’ve waited some time, try accessing your website using https:// in the address rather than http://. If it works for you, you’re on the right track! But you still have a little ways to go. Next, you have to make sure your visitors are seeing the HTTPS version by default. To do this, we have to redirect them from HTTP to HTTPS.

You can use the following piece of code at the top of your page. It’s in PHP, but you could also use another language:

// Require https
if ($_SERVER['HTTPS'] != "on") {
$url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
header("Location: $url");
exit;
}

Alternatively, you can force a redirection through your .htaccess file. Use the following link to access the simple steps in this method:

Redirect Users from HTTP to HTTPS on Your Web Server.

That’s all there is to it. If you have any issues with installing a certification into your WebScorch account, then please view our Help files. Additional assistance can also be found from our customer service team.