1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[Advice] Moving website to HTTPS. 5 stages, step by step.

Discussion in 'White Hat SEO' started by skeye, Jun 7, 2016.

  1. skeye

    skeye Junior Member

    Joined:
    Dec 17, 2015
    Messages:
    161
    Likes Received:
    111
    Occupation:
    CM
    Hi again. I've been doing this lately and decided to make a manual for y'all.
    It's pretty simple if you know the subject, so here goes.

    Stage 1. Preparing the website.

    Internal linking: change absolute links to relative links. Go with the format that removes protocol from the link, e.g. //domain.com/page/ instead of http://domain.com/page
    Now internal linking is not affected by protocol and it doesn't matter if you use http or https.

    Media: same stuff. Set addresses of your images, videos and etc else to relative, without protocol. //domain.com/img/picture.jpg

    External scripts: again. Relative links, no protocol. So this is how your script should look like: <script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
    Not like this: <script src="http://ajax.googleapis.com/ajax/libs/jque...

    Stage 2. Installing the SSL certificate.

    Choosing certificate:
    Regular certificate: good for small websites, only verification is domain ownership.
    Extended Verification certificate: complicated stuff, only for registered companies. Involves phone calls, address verification and etc, allows you to get a green badge in address bar.
    Wildcard certificate: never used these but people say that you need these for websites with multiple subdomains.

    Installing certificate:
    Pretty simple stuff, depends on your hosting, contact support for assistance. If your hosting doesn't support SSL ditch them.

    First test:
    After certificates are there check if you can access your domain through both http and https protocols.

    Stage 3. Website settings.

    Add Host directive to your robots.txt. So SE knows what website is legit (http and https are seen as duplicates)
    Here's how it should look like in your robots – Host: https://domain.com

    301 redirect from http to https
    For most hostings, adding this code to htaccess will do:

    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule ^(.*)$ https://domain.com/$1 [R=301,L]

    if it doesn't work contact your hosting's support.

    Check everything.
    Check if the lock icon appears next to your address. Check accessibility, redirects, all your links and etc. Fix everything that seems wrong.

    Stage 4. Tell Google that you've moved.

    Add https version of your website to your webmaster panel. You'll have both version there, Google doesn't need any additional actions 301 redirects are enough. So don't delete anything.

    Move webmaster panel additional settings to https version. If you used any additions move them over to your new version, things like geotargeting, sitemap.xml, list of disavowed links and etc.

    Stage 5. Wait for your https website to be indexed.

    That's probably it. If you have experience in this please share it with me and other blackhatworld users. Let me kwno if I missed something or f*cked something up.