Why do you need HTTPS and SSL?
SSL is called Secure Socket Layer which is present between application layer (web server) and transport layer (channel).
SSL encryption is a must to secure our website when we transmit sensitive data like filling up forms, Credit card details, login, register and passwords. If someone wants to break into the transport layer, they would not be able decrypt any of the information due to the SSL security. SSL also shields from phishing. A good SSL Certificate ensures that all data passed between the Web server and web browser remains private and secure… always.
Major inspiration for HTTPS is to prevent wiretapping and man-in-the-center attacks.
Steps for Setting up SSL on your website: –
- Get an SSL certificate for your website. There are many good providers for SSL (Comodo, GeoTrust, Verisign)
- Activate the certificate using CSR
- Install the certificate
- Configure SSL certificate on your web server.
- Update your site to use HTTPS.
To make online Website safe for its Customers We must have SSL Certificates. Will my money be safe? Can someone steal my Personal information? Can someone track my transactions? SSL Certificates is the only answers to these questions.
>>Steps to take care when setting up your website from non SSL to SSL.
- Keep Backup of current site Files as well as Database.
- Change Base url http to https in General settings or in configuration file.
- Change all website links to HTTPS.
- Change CMS generated links.
- Start fixing any non-CMS generated links.
- Replace http to https in Database.
- Check if any plugin/modules/extensions/components not able to load files on https.
- Setup 301 redirects from HTTP to HTTPS or consider HSTS.HSTS is a way to force all connections to be HTTPS—it essentially acts in the same way as the redirect. Implementing 301 redirects is an essential to retaining your search engine rankings and traffic.
- Set up HTTPS site in Webmaster Tools and also check speed optimization of website.
- Last but not least when everything is well with Https, update your htacess with following code:
6.Once done, we need to check following: –
- Unit test individual components of the page.
- Test Forms in website.
- Visit your page to ensure that you have all green light in Chrome and other browsers.
However, I can’t emphasis enough that moving over to HTTPS isn’t without risk, and great care should be taken when redirecting traffic from the non-HTTPS to the HTTPS version of your website.
SSL problem messages and warnings are often displayed in an attempt to protect website users from potentially compromising situations.