Switching to SSL seems straightforward, but there are a few pitfalls to watch out for. Let me help you avoid those pitfalls entirely! I’ll take care of the following for you:
- Install an SSL certificate (or confirm your existing one is set up properly).
- Enable HTTP/2, which allows for faster, parallel downloads.
- Change your site’s address to use https instead of http.
- Do a search & replace in your database to update hardcoded links.
- Set up redirects in your .htaccess file to “force” https, and also add/remove the “www” as appropriate. This will be done with one 301 redirect, rather than a “daisy-chain” of redirects.
- Help clean up any other “mixed content” issues (requests for off-site http resources instead of https).
- Implement a “Content Security Policy” in your .htaccess file to upgrade insecure requests (this can help reduce mixed-content headaches, especially with ads).
- Configure the Social Warfare Share Count Recovery Tool, if desired (see below).
Two important notes, before we begin:
- Not all ad networks are SSL-friendly. MediaVine, AdThrive, and Google ads are all good with SSL. Gourmet Ads (as of May, 2017) is not. So you may need to work with your advertising network to make sure they will be SSL-compatible.
- When we change your site to https, technically your URLs also change. This will reset your social media counters (“social proof”) to zero. I highly recommend the Social Warfare plugin and its “Share Count Recovery” tool to get those numbers back.