Upgrade http to https for security

In the process of creating new software and websites, I thought it might be a good idea to improve this site by changing from http to https.
This is what I found I needed to do:

First make sure my hosting account had the necessary security certificate – D9 Hosting were on the ball and made their necessary changes within minutes after I raised a low priority ticket asking for help.

Next I added a few lines of code to the root directory ‘.htaccess’ file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Not sure whether this was needed or not – but wanted to make sure that all http requests were routed as https secure versions

Firefox and Microsoft Edge still weren’t at all happy – saying website was insecure. So my third step was installing the WordPress plug-in Search and Replace This allowed me to change all instances of ‘http://’ to ‘https://’ for all of my posts and pages. There were hundreds of these – one for each image.

Still not enough – browsers weren’t at all happy yet. So then I installed the String Locator plugin to search for all instances of ‘http:’ This discovered hundreds of instances throughout my theme and installed plugins.

Finally I gave in and decided to remove the plugins and edit each of the theme files one by one (after a FTP download in case things went wrong). Changing each instance of ‘http’ to ‘https’ took surprisingly little time.
Now browsers seem to be quite happy.

Good luck if you need to sort the same problem – and improve your Google rating.

Leave a Reply

You must be logged in to post a comment.