With a multitude of offers from thousands of companiesaccommodation, it is not always easy to know at first glance what type of planaccommodation will be best suited to a WordPress environment. Although the open-source software is compatible with most of the offerings ofaccommodation, there are things to look for for maximum performance.
1. Get your SSL certificate from your web host
The first thing to do is to contact your web host and ask them to install SSL on your site. Most hosts will ask you to pay an annual fee ranging from $ 19 to $ 99 per year.
The good news is that if your website is hosted on Vidahost , SiteGround , WPEngine ou DreamHost , they can provide you with a free SSL certificate and assist you throughout the security process.
Another very interesting option is Let's Encrypt , which provides free SSL certificates. In order to facilitate this process, you can use the WP Encrypt WordPress plugin.
2. Update the WordPress URL
Once your host adds SSL to your account, your website should be accessible via the URL https://votresite.com. If you can access your site through this address, it's time for you to start setting up WordPress for HTTPS.
The first step to doing it is super easy. Simply log into your WordPress dashboard and visit the section Settings> General.
Just update the WordPress address (URL) and l' website address (URL) to HTTPS, as shown in the image below. Save the settings and you will be logged out of your WordPress dashboard.
3. Force SSL for the dashboard in wp-config.php
Use your FTP to edit the file wp-config.php, located at the root of your WordPress installation. Add the following:
Define ('FORCE_SSL_ADMIN', true);
This constant easily enables and enforces the administration of WordPress over SSL, adding additional security to your WordPress dashboard.
4. Redirect HTTP to HTTPS
At this point, HTTPS is already working on your website. But there are still a few things to do. The first is to redirect traffic http toward https.
Over the years, many websites have been linked to your site using http://so there will be a lot of people who are still accessing the httpversion of your site.
So what you have to do is redirect all traffic to the secure https site. This is done using the .htaccessfile, located at the root of your WordPress installation. Open the file and add the following items between the <IfModule mod_rewrite.c>tags:
RewriteCond% {HTTPS}! = enable RewriteRule ^ https: //% {HTTP_HOST}% {REQUEST_URI} [L, R = 301]
Please note that the .htaccessredirects can be a bit difficult, and sometimes will work perfectly on one host and not on another.
If the above code doesn't work properly, simply roll back the changes and contact your hosting provider. They will be happy to provide you with the redirect .htaccess correct that works on their servers.
5. modify all links to HTTPS
Okay, now we have HTTPS set up correctly, and the HTTP traffic is automatically redirected to the HTTPS site. But there is one more thing to do: Replace all HTTP links on your site with their HTTPS equivalent. This is done in two separate parts:
Directly coded links (hard coding) in theme files
Let's start with your theme. If you use a WordPress theme from the WordPress directory, or one offered by ElegantThemes or any other free/premium theme store and you haven't changed anything, you don't have to do anything. However, if you are using a custom theme or a theme that you have modified yourself, some HTTP links may be directly coded somewhere.
Take a look in your theme files (especially header.phpet footer.php) and update each internal HTTP link encoded directly to its HTTPS version.
Internal links in the database
When writing articles or pages, chances are good that you have inserted HTTP internal links. To update your links, you can edit every post and every page, but it will take a long time.
Instead of dealing with so much hassle, there is a quick and easy way to update all the internal links in your database: Using SQL Queries.
There are several ways to execute SQL queries. Most of you probably have a cPanel installed on your server.
To access phpMyAdmin from cPanel, simply log into your cPanel and click on the icon phpMyAdmin in the section Databases .
Make sure to back up your database, in case something goes wrong. Once done, run the following two queries:
UPDATE wp_posts SET post_content = replace (post_content, 'http://yoursite.com', 'https://yoursite.com'); UPDATE wp_posts SET post_content = replace (post_content, 'http://www.yoursite.com', 'https://www.yoursite.com');
Be sure to replace "http://yoursite.com" with the actual address of your site. The requests updated all your internal links from HTTP to HTTPS. Now your WordPress site is fully SSL compliant and you should see a green padlock on your address bar, showing your visiteurs that your site is fully secure.
That's it for this tutorial, I hope it will allow you to migrate from HTTP to HTTPS.
