Know How to Migrate Your Website From HTTP to HTTPS - DubSEO

Your hired Portland SEO agency may have suggested your site’s migration to HTTPS, due to performance benefits you could get from HTTP/2. No doubt, you will get some additional security and SEO advantages when you switch to HTTPS. Before you take the leap, know why and how to migrate your site from HTTP to HTTPS-

Why should you migrate from HTTP to HTTPS?

Portland SEO experts know Google’s biasness towards HTTPS to make web a safer place for the online users. Whilst being secure is more important, there are some additional reasons that push you towards HTTPS.

  • Performance and HTTP/2: Content delivery networks and web hosting service providers are now rolling out HTTP/2. According to Mozilla and load impact, Internet users can expect websites optimized and delivered over HTTP/2 to perform 50-70% better than the sites developed over HTTP/1.1. It is all about taking advantage of HTTP/2 performance benefits by running over HTTPS and all because of supporting browser.

50%-70% reduce load time

  • SEO and ranking: According to Matt Cutts, in 2014, HTTPS is lightweight ranking signal that over time will be considered as strong signal by Google. Hence, running HTTPS can actually benefit your SEO ranking.

  • Better referral data: This is the 3rd reason why Google is migrating because of HTTP and HTTPS referral data is blocked in Google Analytics. For example, your website is on HTTP but suddenly you went viral on Reddit and YCombinator. Both sites run over HTTPS that cause loss of referrer data and end up with direct traffic, which is useless. From HTTPS to HTTPS, traffic passes easily.

  • More security: SEO Companies in Portland, Oregon agree that security is most relying factor on the web. For E-commerce sites, processing transaction of sensitive information of credit or debit card data is biggest reason why you need SSL certificate. On the other hand, WordPress login page require such secured connection, without which your username and password will be shown as clear text over the Internet.

  • Trust and credibility: SSL help you build trust and credibility with your visitors. According to a European survey held by GlobalSign, 77% of website visitors are worried about seizing or misuse of data online.

In the following section, know how to migrate your site from HTTP to HTTPS and you could follow some steps used for WordPress also.

Does HTTPS secure my website?

People hear HTTPS referred to as a secure protocol, and they think this protects their website. The fact is that your website is not protected, and you may still be vulnerable to one or more of the following:

  1. Downgrade attacks

  2. SSL/TLS vulnerabilites

  3. Heatbleed, Poodle, Logjam, etc.

  4. Hacks of a website, server or network

  5. Software vulnerabilities

  6. Brute force attacks

  7. DDOS attacks

Whilst going by the traffic building efforts and Google updates at the same time, DubSEO always scans your website from those attacks, being a SEO Portland Digital marketing company. You will get privilege to do more with your business, when DubSEO undertake your web marketing responsibility.

How to migrate from HTTP to HTTPS:

  • Buying an SSL certificate or using Let’s Encrypt: Being a Portland SEO expert, you need an SSL certificate at the beginning. SSL certificates are small data files that bind key to a specific organization’s details. Upon installation of SSL certificate, it activates HTTPS protocol that allows secure connection between server and web browser. There are several SSL certificate vendors, like GoGetSSL, etc. You could easily buy Comodo positive SSL cert that takes less than $9/year. Types of certs or certifications are-

  1. Domain validation

  2. Business validation

  3. Extended validation

You may find two trust indicators, one is organization/extended validation (company’s name in address bar) and other one is standard domain validation (Green padlock).

Green PadLock

You could also use Let’s Encrypt to get a free SSL certificate. Use Certbot, which is an easy-to-use automatic client that deploys and fetches SSL/TSL certificates for your webserver.

  • Installing SSL certificate: Depending on what software you are running, the installation steps may vary. For example, if you are deploying Let’s encrypt with Certbot, you can choose which type of webserver you are using on their website and operating system you are running. Let’s Encrypt on Nginx and Ubuntu 16.04.

Once you complete installation, check whether any issue is there or not. For example, SSL labs server test is very helpful to check issue with installed certificate. It would be counted as one of the success factors before you head for SEO in Portland, Oregon.

  • Updating entire hard-coded links to HTTPS: It is always a best practice to use relative URLs, but you may also need full sweep on your site database during migration, when you have hard-coded URL. If you want to update your link in word-press, it is recommended to use a free tool from interconnect IT called “Database search and replace script in PHP”. You could use dev server to back up your database. Simply drop their program into the root of your site via FTP.

Then, brows to it in your browser like the way it is named (Database folder named here as search-replace-db) here.

You can then insert what you want to replace. Make sure to reflect changes of mix and match across the site.

Next to this, have a dry run to check the update/replace. When you are ready, click on ‘live run’, and it will update all of your entries across database, including hard-coded links, WordPress Site URL, canonical tags etc.

If you are uncomfortable in making any changes, try this free ‘Really Simple SSL Plugin’.

  1. This plugin handles most issues that SSL has with WordPress, loadbalancer issue or not-set server variables

  2. Redirect all incoming request to HTTPS wither with .htaccess or Javascript.

  3. The home and site URL will get changed into HTTPS.

  • Update custom JS, AJAX libraries to HTTPS:

Even after the replacement, you may want to update any custom script that too will point the HTTPS versions. Not doing so will give an alarming mixed content warning showing below-

Hence, it is advised to use SSL check tool, which can scan you website and finds any non-secure content.

  • Add 301 redirects to new HTTPS URLs: 301 redirects gives 90-99% of ranking power to the redirected page. Not implementing 301 redirects could seriously hurt SEO ranking overnight, if you are handling hundreds of URLs.

  1. Apache: Add the following to your .htaccess file -


  1. Nginx: Include the following in your Nginx config. -


  • Updating robots.txt file: Check if your robot.txt contains any hard-coded links or blocking rule that is still pointing to HTTP directories to the file.

  • Installation of SSL certificate on CDN: You have 3 options when it comes to your CDN. Even, most providers have a shared SSL and custom SSL as well. Hence, all you need is enabling your shared SSL and custom SSL. You can enable free custom SSL with Let’s encrypt and you can see the green padlock as shown above.

  • Update original URL on CDN:

  • Enable HTTP/2 support on CDN:

  • Update entire hard-coded CDN links to HTTPS:

  • SEO: Google Search Console, Sitemaps, and Fetch: When your site runs on HTTPS, you need to create new Google Search Console profile. Simply click on “add property” and go ahead with the claiming process.

Sitemaps debug the indexing issues or verifies whether images are getting indexed or not. Upon using sitemap, you do not even need to resubmit the HTTPS version in Google Search Console profile.

When you are ready to fetch and crawl your new HTTPS site, try to get things a little faster.

  1. Submit your homepage by clicking on fetch and then click on “submit to index”

  1. Next to this, choose “Crawl this URL and its direct links”. Submit, if any page is still not connected to your homepage for re-crawling.

  • SEO: Resubmit your disavow file: People involved in SEO in Portland, Oregon sometimes just forget this step and suffer from negative SEO. This is when you should create and resubmit a disowned file. As you have created a Google search console profile, it requires resubmission of rejected file. You could launch Google Disavow tool under your new HTTTPS site and resubmit your disavow file.

Make sure to see the confirmation message-

  • Update your Google analytics profile URL: Now you need to update your Google Analytics website’s URL. Under your profile, click into admin and go through the view settings. Next to that, convert the URL to HTTPS version.

  • Misc updates: Some additional miscellaneous updates are needed soon after you migrate from HTTP to HTTPS. See the parts you could update-

  1. Update canonical tags

  2. Update 3rd party PPC URLs (FB Ads, Bing Ads, AdWrods etc.)

  3. Update email marketing software URLs (MailChimp, GetResponse)

  4. Update social media links on your site (Google+, Twitter, Facebook, LinkedIn)

  5. Migrate social share counts

  6. Update as much as backlinks and external links

There is a lot of thing you can see when your SEO Company in Portland, Oregon head towards the migration from HTTP to HTTPS. With the guidelines mentioned above, you could be in a good place with a good performance of HTTP/2 platform and you can get an extra edge to succeed in SEO.

10 Mar, 2017


Comment Here