(03) 8899 7868
Papdan.Com

Tips & Tricks to Move Your Website to HTTPS/SSL


    By development | Uncategorized | 0 comment | 15 August, 2017 | 0

    To encrypt sensitive data sent across their websites, many web developers switched over to the now commonly used HTTPS in 2014. If you are one of the many developers also thinking about switching, this post describes some useful tips based on our own experiences.

    How Do I Switch?
    When you decide to switch your website address, there are a few things that you need to take into account to ensure your website fully works, such as:

    • Change all your internal links. This also includes updating links to assets. Make sure to go through your theme and alter references to CSS, images and JavaScript files. You can also change all your links to start with // instead of https:// which will result in protocol-relative URLs.
    • Make sure that your CDN supports SSL as well. By using MaxCDN, you can easily set up SSL on your CDN subdomain.
    • There are various levels of SSL that you can choose from, each with its own pros and cons. You will find more information about that later on.
    • Ensure you have a canonical link present in the <head> section of your website to properly redirect all traffic coming in from http:// to https://.

    Google also published a handy guide on how to move to HTTPS without massively impacting your ranking, which can be found here. Although moving from HTTP to HTTPS will slightly influence your ranking, your rankings will actually improve over time.

    Setting Up HTTPS & SSL on your Server
    If you would like to run and manage your own web server, you have to enable a few things in your server configuration before being able to use SSL certificates. In the tutorial below, you can discover what steps to take to get a certificate running on your server.

     

    • OCSP Stapling

    When the validity of an SSL certificate is checked, there is a high risk that your loading speed takes a small hit. To avoid this, you can make use of OCSP stapling. OCSP stapling is a feature that enables the server to download a copy of the certificate vendor’s response when checking the SSL certificate. Once a browser connects to the server, it checks the validity of the certificate based on the copy on the server instead of having to query the certificate vendor itself, resulting in a significant performance improvement.

    • Apache

    Check that you’re running version 2.3.3+ of Apache by running the command apache2 -v (or httpd -v) on your server. Lower versions of Apache do not support this feature.

    If you have set up HTTPS on your server, you will have come into contact with a VirtualHost configuration specifically made for usage with HTTPS/SSL.

    In that file, take the following steps:

    1. Inside the <VirtualHost> section, add SSLUseStapling on.
    2. Just above the <VirtualHost> section, add SSLStaplingCache shmcb:/tmp/stapling_cache(128000)
    3. Check that the configuration is still valid by running apachectl -t. If so, reload Apache by running service apache2 reload.

    • Nginx

    Nginx also supports OCSP stapling. Before editing the server configuration, check that you’re running version 1.3.7+ of Nginx by running the command nginx -v on your server. Lower versions of Nginx do not support this feature.

    If you have set up HTTPS on your server, you will have come into contact with an Nginx configuration specifically made for usage with HTTPS/SSL.

    In that file, add the following lines in the server {} section:

    ssl_stapling on;

    ssl_stapling_verify on;

    ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;

    The file in the last line, which contains a list of trusted CA certificates, is used to verify client certificates when using OCSP.

    After adding these lines to the file, check that the configuration is still valid by running service nginx configtest. If so, reload Nginx by running service nginx reload.
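
    To confirm that stapling works after the reload, capture the output of openssl s_client -connect your-site.com:443 -servername your-site.com -status and inspect its OCSP section. The checker below is an added example, not code from the original post; both sample outputs are constructed, and check_stapling is a name chosen here.

```python
import re
from datetime import datetime, timezone

# Constructed sample: the OCSP part of `openssl s_client -status` output
# from a server with stapling enabled (all values are made up).
STAPLED = """\
OCSP response:
======================================
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Cert Status: good
    This Update: Aug 14 09:00:00 2017 GMT
    Next Update: Aug 21 09:00:00 2017 GMT
"""
# Constructed sample: what the same command prints when nothing is stapled.
NOT_STAPLED = "OCSP response: no response sent\n"

def _when(label, text):
    """Parse an openssl timestamp such as 'Next Update: Aug 21 09:00:00 2017 GMT'."""
    m = re.search(rf"{label}: (.+ GMT)", text)
    if not m:
        return None
    ts = datetime.strptime(m.group(1), "%b %d %H:%M:%S %Y GMT")
    return ts.replace(tzinfo=timezone.utc)

def check_stapling(output, now):
    """Return (ok, reason) for the OCSP section of s_client output."""
    if "OCSP response: no response sent" in output:
        return False, "no stapled response"
    if "OCSP Response Status: successful" not in output:
        return False, "responder did not return a successful response"
    status = re.search(r"Cert Status: (\w+)", output)
    if not status or status.group(1) != "good":
        return False, f"certificate status is {status.group(1) if status else 'missing'}"
    this_upd, next_upd = _when("This Update", output), _when("Next Update", output)
    if this_upd is None or next_upd is None:
        return False, "missing validity window"
    if not (this_upd <= now <= next_upd):
        return False, "stapled response is outside its validity window"
    return True, "stapled response is good and current"
```

    Nginx fetches the OCSP response lazily, so the first connection after a reload may report no stapled response; repeat the check before treating that result as a configuration error.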

     

    Strict Transport Security Header

    Another handy feature, which forces browsers to use the HTTPS request instead of the HTTP equivalent, is the Strict Transport Security Header (HSTS). Enabling this feature is relatively painless.

    Apache

    First of all, enable the Apache Headers module by running a2enmod headers. After this, it’s only a matter of adding the following line to your VirtualHost configuration that you set up earlier for HTTPS:

    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"

    Nginx

    Nginx requires you to add the following line in the server {} section of your server configuration file:

    add_header Strict-Transport-Security max-age=31536000;
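
    A Strict-Transport-Security value only takes effect if it matches the grammar in RFC 6797, which tells browsers to ignore a header that does not. The validator below is an added example, not code from the original post; parse_hsts is a name chosen here and the MALFORMED value is a constructed sample of a common copy-paste corruption.

```python
# Header values to check. The first two are the values used in the
# configurations above; MALFORMED is constructed (note the stray space).
APACHE_VALUE = "max-age=31536000; includeSubDomains"
NGINX_VALUE = "max-age=31536000"
MALFORMED = "max-age=31536000; include SubDomains"

def parse_hsts(value):
    """Parse a Strict-Transport-Security value (RFC 6797, section 6.1).

    Returns (policy, problems). policy is None when the header is unusable,
    because user agents ignore headers that do not match the grammar.
    """
    problems, seen = [], {}
    for raw in value.split(";"):
        part = raw.strip()
        if not part:
            continue                          # empty directives are allowed
        name, _, arg = part.partition("=")
        name, arg = name.strip().lower(), arg.strip().strip('"')
        if any(c.isspace() for c in name):    # a directive name is one token
            problems.append(f"malformed directive {part!r}")
        elif name in seen:                    # each directive at most once
            problems.append(f"duplicate directive {name!r}")
        else:
            seen[name] = arg                  # unknown directives are kept, then ignored
    if problems:
        return None, problems
    max_age = seen.get("max-age", "")
    if not (max_age.isascii() and max_age.isdigit()):
        return None, ["max-age is missing or not a non-negative integer"]
    policy = {"max_age": int(max_age),
              "include_subdomains": "includesubdomains" in seen}
    notes = ["max-age=0 tells the browser to forget the policy"] if policy["max_age"] == 0 else []
    return policy, notes
```

    Run it against the header actually returned by the HTTPS site, for example the value shown by curl -sI, since that is what the browser sees.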

    Testing

    To find out whether your SSL certificate is working properly, you can head over to SSL Labs. Then, fill in your domain name and see what kind of score you get.

    Redirecting URLs

    You need to add more lines to your configuration to ensure requests are properly redirected to the HTTPS URL. This way, visitors are automatically redirected to HTTPS when they try to visit over HTTP.

    Apache

    Add the following to ensure URLs get properly redirected in your default VirtualHost configuration:

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    Nginx

    In Nginx, replace the default configuration file that was used for HTTP requests and alter it as such:

    server {
        listen 80;
        server_name your-site.com www.your-site.com;
        return 301 https://your-site.com$request_uri;
    }

    Before testing these changes, don’t forget to reload Nginx.
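
    Once the server is reloaded, the redirect rules can be checked by following each http:// URL and confirming it ends on HTTPS, on an expected host, with its path and query string intact. The audit below is an added example, not code from the original post; it runs over a constructed response table, and audit_redirect and the host old.your-site.com are hypothetical names.

```python
from urllib.parse import urljoin, urlsplit

# Constructed responses keyed by URL: (status, Location header or None).
SAMPLE = {
    "http://your-site.com/shop?id=7": (301, "https://your-site.com/shop?id=7"),
    "http://www.your-site.com/shop?id=7": (301, "https://your-site.com/shop?id=7"),
    "https://your-site.com/shop?id=7": (200, None),
    "http://old.your-site.com/": (302, "http://your-site.com/"),  # hypothetical host
    "http://your-site.com/": (301, "https://your-site.com/"),
    "https://your-site.com/": (200, None),
}

def audit_redirect(url, responses, allowed_hosts, max_hops=5):
    """Follow redirects from an http:// URL and list what is wrong with them."""
    start, problems, seen = urlsplit(url), [], set()
    for hop in range(max_hops):
        if url in seen:
            return problems + ["redirect loop"]
        seen.add(url)
        status, location = responses[url]
        if status not in (301, 302, 303, 307, 308):
            break                              # reached a non-redirect response
        if status not in (301, 308):
            problems.append(f"hop {hop + 1}: {status} is not a permanent redirect")
        url = urljoin(url, location)           # Location may be relative
        if hop == 0 and urlsplit(url).scheme != "https":
            problems.append("first hop does not upgrade to https")
    else:
        return problems + ["too many redirects"]
    end = urlsplit(url)
    if end.scheme != "https":
        problems.append("chain ends on plaintext http")
    if end.hostname not in allowed_hosts:
        problems.append(f"unexpected final host {end.hostname}")
    if (end.path, end.query) != (start.path, start.query):
        problems.append("path or query string was not preserved")
    return problems
```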


    In Summary

    Switching over from HTTP to HTTPS is a must, especially if you’re dealing with monetary transactions. HTTPS will ensure that your private information stays secure. However, you need to do proper research beforehand to know what type of certificate to go with.
