Those of you who have been following me for a long time know that my portfolio of websites is something that I’ve been working very hard on, and I’m quite proud of what I’ve been able to accomplish. No, they still don’t produce enough income for me to quit my corporate day job, but I’m definitely headed in the right direction. They say you need to be patient when it comes to building an online business, and I’m here to tell ya: they weren’t kidding.
One of the struggles of web development is keeping up with all the rules, regulations, and ever changing technology. I’m a content creator – not a tech guy, so that’s why my butt cheeks clench to tightly whenever Google reveals changes to it’s ranking algorithm. Those changes, unfortunately for non-techies like me, usually require some pretty big changes to site structure if you want to stay relevant in the search results. Remember when they announced that responsive design is now a ranking factor? I lost sleep over that one, and I actually had to trash one site completely because it was built on a platform that wasn’t flexible enough to adapt. Lesson learned.
Fast forward to today, and Googles latest fetish is SSL (Secure Socket Layer) and they are becoming quite strict about it. Web security is a big deal, and to be honest it’s something I’m personally totally onboard with. Not only as a web developer – of course I want my visitors to feel as safe as possible when browsing my websites, but I’m speaking from the consumer part of me as well. I do a lot of shopping and business transactions online, so making sure that the data I transmit remains secure is very important to me.
Feeling stressed about converting all my websites from http to https
Google is so serious about SSL that they’ve publicly stated that they are starting to rank https sites higher than comparable sites using unsecured http. That gave me a good amount of heartburn for several reasons:
- I’m a content creator with a busy life, and trying to wrap my head around what it was going to take to convert all my websites from http to https was not something I wanted to spend time on. What type of SSL certificate do I need? How much will it cost? Do I really need one at all? Ugh. I didn’t have time for this.
- I have the tendency to break anything I touch, and I’d rather not go poking around my very delicate (and perfectly working) server settings to upload and configure a SSL certificate. If I break something, chances are darn near 100% that I wouldn’t know how to fix it on my own.
- Changing from http to https is essentially changing the domain name. I’ve heard horror stories from other website owners who lost all their ranking on Google after the conversion, and that scared the you-know-what out of me. Was I willing to risk the ranking I’ve worked so hard to achieve?
Thankfully, I’ve got a couple websites that get very little traffic that were perfect to test the the http to https conversion. My thinking was that if something goes wrong, it wouldn’t be a big deal because I wouldn’t be losing any traffic anyway. And once I get things figured out, I could then use that knowledge and experience to add SSL certificates to some of my higher-traffic sites. I basically had nothing to lose! Hey – that’s one advantage to having a website that doesn’t get any traffic…
I went ahead with the test, and long story short, things went massively well. Converting a WordPress site from HTTP to HTTPS was a LOT simpler than what I what I was reading about on the web, and my only regret was that I didn’t do it sooner.
Here’s how easy it was to covert my WordPress sites from HTTP to HTTPS:
- Since I have multiple websites that needed an SSL certificate, I quickly discovered that the type I needed was a multi-domain certificate. Easy decision.
- Not only did I have absolutely no idea how to install and configure an SSL certificate, I had absolutely no desire to learn how to do it. Attending a 3-day insurance seminar sounded more interesting than that! Luckily, 2 minutes of research on my hosting company’s website revealed that they could install and configure the certificate for me for a small fee ($25). Sold.
- I simply told them which sites I wanted to apply the SSL certificate to, and they did the rest. Two days later, they sent me an email confirming that the installation was complete.
- The only thing I had to do after that was install a plugin via my WordPress dashboard called Really Simple SSL and activate it. Voila. The plugin automatically forwards all incoming HTTP requests to the HTTPS version, so there’s no chance of losing valuable search traffic from Google and Bing.
- I also had to update Google Webmaster Tools by adding the HTTPS version of my site so that I could monitor search and index traffic just to make sure everything is working as it should.
- You do need to let the search engines know that your site is now https instead of http though (so that your https pages are indexed). All I did was resubmit my sitemap with the Google XML Sitemaps WordPress plugin, and that was that. Within a week I noticed in Google Webmaster Tools that the new HTTPS pages were starting to be indexed.
That’s all there is to this. The one WordPress site that I tested this on revealed no drop in traffic, and I didn’t encounter a single problem during the entire transition. Once a few days had passed and things were still looking good, I took the plunge and had my hosting company install and configure the SSL certificate to a couple of my main high-traffic sites. Those HTTP to HTTPS conversions were a bit scarier since I had a lot more to lose if something went wrong, but thankfully, the entire process was just as simple as the first site I converted.
The bottom line is this: if you’re a non-technical content producer like me who is frightened by the thought of converting your high-traffic WordPress site from HTTP to HTTPS, just do it. Don’t let the horror stories you read on the web scare you. The entire process is a lot easier than many would like you to believe, and the benefits far outweigh the negatives.
Quit procrastinating and make your WordPress sites secure!