How To Enable HTTPS On Your Website

When accessing a website, one of the first things to look out for is whether or not that domain is using HTTPS protocol. You can check this in the URL bar of your browser for the website you are viewing and is a good indicator of how secure the website is. HTTPS, a constituent of SSL (Secure Sockets Layer), helps encrypt any data transferring between the user and server hosting the website. SSL is the technology used for enacting an encrypted link between a web server and a browser. This helps prevent any hackers from intercepting this data, keeping it secure.
Here are some basic steps on how to enable HTTPS for your own website:

#1. Use a dedicated IP address

A dedicated address is just that: a specific IP address to be used for your website that isn’t shared among other users on the same server. While it’s not required to have an SSL installed, it is important to verify a business identity as well as any email sent from that host. It also allows you the ability to access the server directly without changing any DNS settings for your domain.

#2. Purchase an SSL

These can be bought from different host providers, but the key thing to keep in mind is that the seller must be a certificate authority, otherwise it won’t be supported for the secure HTTPS green lock authentication. Incidentally, WestHost sells SSLs and will support you through the process.

#3. Install the SSL

This can be either simple or complex, depending on the host you are using for your website. Most host providers go through the install process by using either WHM or cPanel. If you are hosted with WestHost then you would install your SSL through the cPanel by pasting the certificate into the box and submitting the form. Check with your hosting provider for the exact details.

#4. Update your site script to match HTTPS

After your SSL is installed, you will need to ensure that accessing your HTTPS protocol doesn’t trigger any warning when the page loads. If this occurs, you will need to double check your SSL install to make sure it was executed correctly. If it loads without any problem, you will then need to go into your website script to help redirect users from HTTP to HTTPS for your important web pages – namely those that users will use to submit data. It is possible to encrypt an entire website with HTTPS, but this will cause the encryption load that comes with it to be increased, and possibly use up more resources on your hosted server. In order to change your site script to match, you will need to have access to your website’s files. Below is some default code that you can insert at the top of each page that will allow this redirect to happen:
// Require https
if ($_SERVER[‘HTTPS’] != “on”) {
$url = “http://”. $_SERVER[‘SERVER_NAME’] . $_SERVER[‘REQUEST_URI’];
header(“Location: $url”);
exit;
}
Keep in mind that this code is – by default – in PHP, but can be manipulated into use by other coding languages.
You can also add this code to your .htaccess file if you don’t want to insert script into each and every web page, but you will need to make a .htaccess file for every page file location, so bear that in mind if you go this route. You would need to insert the subdirectory filename within the rewrite rule path as follows:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(testpage/) http://%{HTTP_HOST}%{REQUEST_URI}
By following all these steps, you should be well on your way to making your website secure. By doing so, you can boost your website rankings in search results, since Google and other search engines reward website owners for securing their websites. If you need any help getting an SSL installed for your website, feel free to contact our technical support team and they will be happy to help assist you.