Well, it was about time. I had to take out some of my time to be able to attend to my blog, which I have somewhat neglected. The first thing I’m going to do? Install the SSL certificate and change the whole site to https.
Why am I going to Switch to https?
Well, because from October, the pages that collect user data, have forms, or any communication between Web and user, do not have SSL certificate and therefore navigate under https security protocols, will be marked by browsers as unsafe websites.
This is the warning that Google made to the pages without https and that had data collection forms.
This is a message (notification) that all of us who were in the same situation received through our property in Search Console.
So when Google tells us directly: Watch out that we are starting here….Then we don’t know what will happen… That’s when you take things seriously.
Decision made:I switch to https
The truth is that the decision was easy to make, it is almost mandatory. But… How to proceed to make the migration?
You can read a lot of articles telling you how to do it, how to implement the migration, and so on. Well, this is another one of those articles, but I’m doing it at the same time that I change my website to https.
The Steps to Migrate a Web to https are:
- SSL Certificate Installation
- Modification of BBDD
- Forced https and redirections
- Error analysis
- Reporting in Search Console
I always insist that when we perform a major action on our website or our blog we have to make a backup.
Therefore, the first thing we must do is a global copy of our website. If we have CPanel, it is very simple, because the backups are managed automatically:
We enter the application (the icon may vary in different versions of Cpanel) and the following image will appear:
Just click on back up and the system will create a copy of the entire site, including directory, database and mail.
If you don’t have Cpanel or you don’t see the icon because you don’t have the application installed, you will have to make the backup manually.
To do it we must enter by FTP and download the complete directory.
Also enter Phpmyadmin inside CPanel. Select the database we want to backup and click on export.
If the database is small we can do the normal export, by default. But if it is large, we must make the custom export
and select gzip compression as shown in the image, so that later we can restore the backup properly.
Once we have the bakups and we are clear when we are going to make the change to https, we move on to point 2.
2 – Installing the SSL Certificate
Now it’s time to install our certificate. We can install any paid one, although here we are going to explain how to install a Free SSL certificate. In this case it is called Let’s Encrypt.
What is Let’s Encrypt?
It is a project that was driven by Linux andsupported by major internet companies, such as Facebook, Google, WordPress, Cisco
It is based on generating SSL security certificates of free distribution, open and, therefore, free.
It will not be less secure than a paid certificate, nor will it suffer any kind of penalty from Google as it is trusted by all browsers and the search engine itself.
Once we know what Let’s Encrypt is, let’s install it. In Webempresa hosting is very simple, because we only have to click on certificates in the customer section.
We have to select the domain with www, because this way it will be installed for both versions of the domain, with www and without www. In the case that your hosting is not from Webempresa, if you use Cpanel we have to enter the SSL /TLS application. And manage the Let’s Encrypt certificate. To do this we must have it previously installed.
3 – Modifying the DB
Before modifying the database we have to make a backup, as explained in point 1. Also before touching the DB we must change the domain in WordPress. To do this we have to go into Settings and set the domain version with https as shown in the following image:
Once we have changed this and updated, it will unlog us from the page and we will have to log in again with the same admin.
Now is when we have to modify the MySQL DB. For this we have 3 options:
- Option 1: do it with queries in phpmyadmin.
- Option 2: do it with the DB in text mode and search and replace.
- Option 3: With the Better Search Replace Plugin.
In case 1 simply enter phpmyadmin, select the database on which we want to work and click on SQL.
Now we have to put the following codes:
We have to modify the “old_domain” by the domain with http:// and “new_domain” by https:// .In addition we will have to repeat it in as many tables as we deem appropriate so that there is no link or loophole http.
Option 2 is to open the DB in a word processor, like PSPad or Wordpad, and use the search and replace commands.
In search we will put: “http://midominio.com”and in replace: “https://midominio.com”It is important that we include the domain, because otherwise it would change external links that do not have a certificate and are not necessary, and errors would appear on the web.
The third option is with the Better Search Replace Plugin.
In theory it does the same as the previous one, and with the philosophy of the first one, but automatically.
To do this we must install the Plugin named and access its configuration.
We can do an initial test, and see how many tables are going to be changed. To do this we just have to keep activated the relevant button (last button on the plugin page). And when we are sure we do it for real. It is a very simple plugin to use for those who do not know or do not want to touch code.
To see if everything is changed, it is best to analyze it with Screaming Frog(there is a free version of up to 500 URL’s analyzed), and see in the initial url’s if there is any of them that receives links from any other url of the site. If any of them are still there, you will have to modify them manually.
4.- Force Https and Redirections
Once we have the page set in https, we make sure that everything is correct, and we also have to force the use of https. The forced we do it by entering the wp-config.php file that can be accessed from the ftp or from the wordpress itself. And we must put the new defines:
We already have forced the blog or the web so that any request is always displayed as https.
Now we have to redirect our blog so that all incoming links to http and pages indexed with http are transferred to https. We do this by opening the .htaccess file and adding the following code in the header:
IMPORTANT NOTE: Each must replace the domain elblogdelseo for your own domain.
In this way we will not lose one iota of positioning, on the contrary, if we do everything right we will improve it.
5.- https Error Analysis
Before getting carried away by enthusiasm, because everything seems to look correct, we must thoroughly analyze the code of our website. The best is as in point 3, use Screaming Frog to see if there is any url with http that is receiving internal links. If so, we must modify them manually. If the links are external, there will be no problem because with the code of point 4 we are redirecting with 301 to the version with https. The ideal would be to change in destination the links that we can, but this is sometimes almost impossible, because it does not depend on oneself.
We can also check the certificate at the following address:
However, the most common error is when our browser does not show a closed padlock, as if the certificate is installed correctly. This happens because there are still images or some other request being made with http. In my case, and this is also the most common, it is the logo. Since it is managed from the theme that we have installed. So we go into the theme options and change it manually.
If the negative logo persists we must find that http request and modify it.
6.- Declare in Search Console
Once we have all our page migrated to https and without any error we have to declare the property in Search Console. We have to declare both the property with www. and without www.
As it is assumed that the domain is already declared in Search Console everything will be easier. Although we will have to send the new Sitemap in the new property with https. If we get an error when submitting the Sitemap, it is normal at first and we will have to wait a few minutes so that Google can detect and enter our site without problems.
At this point, we already have it, we have our page completely migrated to https, according to Google’s directives.