hit counter

HTTP-HTTPS Migration Process

Posted on March 26th, 2017.

Yesterday I moved one of the websites I manage to HTTPS. The process was surprisingly simple and quick to preform. Bear in mind that I did this on a shared hosting environment. 1and1 to be specific. The site I moved uses WordPress as it's CMS. It also had WP Total cache using a sub-domain to serve the site images and assets.

The most important part is to get a SSL certificate. Without one you can't have HTTPS. The certificate was given to me through the 1and1 CP and is powered by Symantec. After the certificate had been issued, I added the following code to my wp-config.php file.

define('FORCE_SSL_ADMIN', true);

That enforces that the WP Dashboard must use SSL. After that was successful, I moved specific pages on my front-end site to HTTPS to check everything was working and I could sort out any mixed content errors. I used the WordPress HTTPS plugin to manage this.

Everything was fine and I was not getting any Mixed Content errors in the console so I decided to use HTTPS for the entire domain.

Enforcing SSL requires you to add the snippet of code below to your .htaccess file and changing your WordPress site URL for both the front and back end of your WordPress site.

# Force HTTPS RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Now you're pretty much done, you can remove the wp-config code and the plugin. I would watch out for mixed content errors as they can be common especially if you're loading content from other services.