Most of users are surely aware of HTTPS and it's benefits. HTTPS communication protocol enhances the information security of a website and decreases load times. It's also known that Google ranks these secured sites when producing their search results. Using HTTPS serves to build trust especially when used on online stores and other websites that require authentication. With such websites it is especially crucial, because HTTPS encrypts all traffic between the browser and the server, such as passwords and payments.
We highly encourage the usage of HTTPS. Therefore we provide a complimentary HTTPS-certificate with each of our subscription plans. This also includes that we ensure to our customers that the certificate is installed correctly and that deploying the communication protocol is effortless.
Seravo uses HTTPS-certificates provided by Let's Encrypt. Let's Encrypt is an open source project hosted by the Linux Foundation. With providing free certificates the project is determined to ensure that all websites use HTTPS-encryption.
Deploying the HTTPS Certificate
Because the certificate is pre-installed in a Seravo subscription plan, you can effortlessly set your website to use HTTPS encryption directly from the WordPress dashboard.
Navigate to Settings > General.
Type your web address into the fields WordPress Address and Site Address with the https-prefix, for example
https://example.com.Now you are using HTTPS!
If that doesn't work for some reason, you can force all website traffic to https with the help of this guide.
It is recommended to change all addresses in the database as well to avoid mixed content warnings in the web browser.
Change Addresses to the Database
You can find the database Search-Replace Tool in WordPress admin panel Tools > Database.
Enter your site address in the search and replace fields. Click All tables and Do a dry run to first run a test without making changes to the database.
Click Run wp search-replace to make the actual changes in the database.
Remember to empty all caches after database changes.
Deploying the Certificate From the Command-line
HTTPS encryption can also be activated via the command-line with the wp-cli tool:
wp option get siteurl
http://example.com
wp option get home
http://example.com
wp option update siteurl https://example.com
Success: Updated 'siteurl' option.
wp option update home https://example.com
Success: Updated 'home' option.
In addition to specifying the web address it is also recommended to run the command:
wp search-replace 'http://example.com/' 'https://example.com/' --all-tables
This makes the necessary modifications to the database that the website uses only URLs beginning with HTTPS instead of HTTP
Deployment in a Network (Multisite) Environment
Deploying HTTPS in a multisite envinronment differs slightly from a conventional WordPress installation.
Navigate to My Sites > Network Admin > Sites.
Open the options for the website you want to secure (example.com/subsite).
Browse into the Settings tab.
Change the values of the Siteurl and Home options into
https://example.com/subsite.Now your site is HTTPS encrypted.
Please note
Make sure that all addresses are changed to the (sub)site's content. Some cases you might need to run a search-replace to the database.
Troubleshooting
Occasionally deploying HTTPS some problems could arise. This might happen especially with older websites, because some of the elements might be transferred over HTTP as default. The issue can be identified as Mixed Content warnings, which indicates that some parts of the website are transferred over the unencrypted HTTP. This compromises HTTPS and therefore it is crucial to fix these issues as soon as possible.
You can troubleshoot the issue by identifying the elements responsible for the warnings using the console view of your web browser.
If an image cannot be transferred over HTTPS (you can test this by changing the url for the image from http:// to https://), you should download the image into your website's own media library. This ensures that the image is covered by the same encryption as the website itself.
Sometimes the WordPress theme might have addresses hard coded to use HTTP, and a simple change to the database isn't enough to fix the issue. This means that the changes must be done directly into the theme source code. You can search any urls beginning with HTTP with the command:
grep -RF 'http://example.com' /data/wordpress/htdocs/wp-content/themes/mytheme
With any HTTPS issues concerning a WordPress theme, it is advisable to contact the developer of the theme or website. Our experts here at Seravo can also help with solving any issues.
Need Help?
Contact our customer service for additional information!