In a global network, scammers and hackers daily try to steal personal information. In the past, phishing was considered the most popular abduction method. An attacker replaces the original site, and data from the user falls into his hands (passwords, card numbers, private messages, etc.). To solve this problem, we created a secure HTTPS connection. Therefore, site administrators often care about how to create and configure a secure https connection.
What is HTTPS and why is it needed
Before transferring a site to an HTTPS connection, you should understand what it is and how it works. HTTPS is a protected version of the HTTP protocol (Hypertext Transfer Protocol), it transfers the necessary data for the operation of the pages (browser name, screen resolution, cookie availability, etc.).
HTTP is used by developers to send and receive variables, without this protocol sites will not be able to function. All files transferred via HTTP could previously be easily intercepted using a fake website (phishing).
A similar method previously stole passwords, logins, card numbers, secret messages and other important information. To protect users from phishing, SSL certificates and authentication were invented before starting the exchange of information.
HTTPS must be used on banking sites or in online stores. If there is no digital certificate on these resources , then the browser will block the connection and a danger warning will be displayed. As a result, the site will lose the trust of its users.
What is an SSL / TLS certificate
The main innovation in HTTPS is the mandatory use of a digital SSL certificate. This is a file in which all information is stored (server IP address, site country, ownerโs email address, etc.). The digital document is encrypted on the site server and on the server of the certification authority (GoDaddy, Comodo, etc.). Each connection compares these files, and if they are the same, the connection continues. Otherwise, a security warning appears.
Many readers do not know how to make a secure https connection. The first step is to get an SSL certificate from a trusted center. There are different types of data documents:
- DV - confirm only the domain (for small sites and blogs).
- OV - the domain and organization are checked.
- EV - advanced check (a green bar and a lock will appear in the browser).
The most preferred option for stores and banks is the EV option. Further refinements in the form of:
- SGC (supports older browsers).
- Wildcard (support for subdomains).
- SAN (alternative domains in one certificate).
- IDN (support of national domains www).
For most sites, using a DV SSL certificate is sufficient. It is inexpensive and guarantees protection against phishing.
How to transfer a site to a secure connection
Increasingly, online business owners are interested in how to create a secure https connection. For these actions, you will have to make some changes to the program code of the pages. Most important is to write an additional rule in the .htaccess file. It stores code for configuring the Apache web server.
Most hosting providers allow you to configure an SSL certificate for the server through the control panel. For details on how to do this, check with your service provider. The whole process of website translation can be divided into the following stages:
- Obtaining an SSL certificate.
- Install the certificate on the server.
- Changing the internal links of the site.
- Configure redirect on port 301.
- Change Hosts in robots.txt.
If you are using paid hosting such as beget, then contact the support team with a certificate, and all further actions will be performed by the service employees. The most difficult step in answering the question of how to make an https connection is setting up a .htaccess redirect, since most scripts do not help.
Obtaining a certificate and installing it on a server
Theoretically figured out how to make an https connection, let's move on to the actions. The first step is to get an SSL certificate from one of the trusted centers. On the Internet you can find many different options in different price ranges. At present, there are 2 centers for receiving a free document:
Other services require payment. The amount depends on the type of certificate and its additional features (multi-domain, support for older browsers, etc.). Certificate Authorities:
- Reg.ru.
- Godaddy
- Hostland
- Symantec
- Comodo.
- GlobalSign
- Thawte.
In addition, some hosting providers provide their users with SSL certificates when they purchase a specific tariff plan. The certification website details the necessary actions. But the whole procedure consists of the following steps:
- CSR request generation;
- filling in the siteโs mail (admin @ [site address]);
- filling in information about the domain owner (for EV and OV documents).
The CSR request includes general data for verification (domain name, organization, city, region, country). After filling in the information, the user receives 2 codes (secret key and CSR code), be sure to save them in a separate document. Send this code to receive an SSL certificate and wait for its issuance from the center.
Now go to the hosting site and find the "SSL certificate" section or contact support. You will need to provide information about the CSR code, private key and certificate. Remember to enable SSL support in the hosting panel.
How to create an https connection on an ongoing basis
After placing the file on the server, you need to carry out internal site configuration. You will need to configure the redirect and change all internal links from absolute to relative.
That is, instead of http://site.ru/img/bg.png install: //site.ru/img/bg.png.
You need to remove HTTP from the names of the links. If in doubt, call a WEB programmer or freelancer, he will quickly configure it. You can search for links through the code editor in each file or find all the information through a search in PhpMyAdmin.
After setting up links, you need to tell search engines about the change. Open the robots.txt file and in the Host line: put HTTPS instead of HTTP.
Instead of http://example.ru, insert: https://example.ru.
After changing the search file, weโll configure the site to automatically redirect from HTTP to HTTPS. Before further actions, check the availability of the site on the HTTPS protocol. If all previous actions are performed correctly, then there should be no errors.
To automatically redirect to a secure connection, paste this script into the .htacess file, it helps some:
Rewriteengine on
RewriteCond% {HTTP: X-Forwarded-Proto}! Https
RewriteRule ^ https: //% {HTTP_HOST}% {REQUEST_URI} [L, R = 301, NE]
But in most cases this method does not work. In these situations, contact the hosting administrator, he will be able to make the correct settings. The redirect will start working after the server is restarted, usually within 24 hours.
In addition, you will need to change the settings in the panel of the Yandex or Google webmaster. You will need to go to the main mirror item in the indexing settings section and install HTTPS. In addition, you will need to transfer:
- sitemap.xml;
- URL exceptions
- geolocation;
- Disawov Tool links for Google.
After this, it remains to wait for the end of reindexing. During this period, activity on the site will decrease, but then everything will stabilize.
How to make https connection in WordPress
Modern blogs and portals mostly run on WordPress, they will need to follow the same steps to get to https (get a certificate, change links, etc.). But they have a set of built-in plugins that will perform all the actions for the owner:
- easy HTTPS Redirection;
- HTTPS (SSL).
The first replaces the links, and the second allows you to specify an SSL certificate. Alternatively, go to Settings-> General. Here you need to change the URL and specify the HTTPS protocol. Make sure the old pages also have a secure connection. After changing the links, configure the redirect and change the robots.txt file.
There should no longer be questions about how to make an https connection on a site. On most hosting sites, to enable the protective mode, you only need to write technical support. They will appoint a specialist, and he will perform the setup himself.