Brendan Tully0 Comments
April 25, 2022
Hypertext transfer protocol secure, or HTTPS, is rapidly becoming the norm on every website that you visit. The simplest way to find out if a site that you’re on is using HTTP or HTTPS is by checking the address line at the top of your browser.
If there is a padlock in front of the URL, then you’re currently on an HTTPS site. But what exactly is the difference between the two aside from the icon in the address bar? And what’s the best way to speed up HTTP to HTTPS redirects? Read on to find out.
Contents
The main reason that so many sites are switching over to HTTPS is because of security – the S in HTTPS actually stands for secure.
Due to the fact that a site requires a TLS handshake for authentication before it can be set to run over HTTPS, this adds an extra layer of encryption to the visitor data to each site. This means that the login information that the visitor uses is a lot better protected.
Many companies have taken notice that this added level of security has increased customer trust which has, as a result, increased the number of their monthly site visitors.
Since the number of sites that use HTTPS continues to grow by the second, this has resulted in better SEO rankings for those sites, as well as more accurate referral data from Google Analytics.
HTTPS is not a separate protocol from HTTP. Actually, the only difference between the two is the fact that HTTPS uses either SSL or the aforementioned TLS encryption in order to keep visitors’ data better secured.
Most sites will either have a plugin that handles this sort of encryption or will have some sort of built-in feature. Either way, if the features or plugins are set to run on HTTP (plaintext), there might be a slow-down when they receive a request to go to an HTTPS site that uses TLS/SSL.
Naturally, the biggest factors in how fast the visitor will be transferred will be the site servers and their own internet speed and stability. In reality, the transition from an HTTP to an HTTPS site only takes 1-2 seconds in the worst of times.
However, when it comes to site speeds and page load times, you don’t want any delays, even those that can be counted in microseconds.
Depending on which web server you use, the redirection instructions are going to be slightly different each time. However, before we get into the procedure of actually configuring the redirect settings, there are two important things that need to be done.
Firstly, backup your site. Going into the source code and making any sort of trivial modification can sometimes cause problems or mistakes for even the more experienced programmers. Meaning that covering yourself by making a backup beforehand is always recommended.
Secondly, activate your certificate. Most web hosting providers will have an SSL certificate as one of the main selling points of their packages, so you might already have one. However, if that’s not the case before you can configure your redirection settings, you’re going to need to either upgrade to a package that has that option, or simply buy one separately.
And lastly, after both of these are done, you can go into your settings.
You’re going to need to gain access to the .htaccess files of your site by connecting to your Apache server and opening the files that are placed in the domain root directory. In order to change the redirect settings through the mod-rewrite module, you’ll need to enter the following code:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://examplesite.com/$1 [L,R=301]
The “Rewrite engine on” section enables the rewrite capabilities, the “Rewrite cont %{HTTPS} off” checks for an HTTP connection, and the final line redirects any HTTP to HTTPS with stats code 301, which signifies that it’s been moved permanently.
The site doesn’t need to be restarted as Apache does that automatically.
In order to change the Nginx redirection settings, you’re going to need to log in to the Nginx web server and go into the configuration settings. Once there, you’re going to enter this code:
server {
listen 80;
server_name examplesite.com www.examplesite.com;
return 301 https://examplesite.com$request_uri;
}
The “listen 80” portion allows the server block to listen for incoming connections on port 80, the “return 301…” redirects the traffic to the HTTPS version of the site, and the “server_name…” portion will specify the server block’s domain name. Keep in mind that any instance of “examplesite.com” should be replaced with your own domain name.
Restart Nginx and test out the site.
Cloudflare is by far the simplest process as it requires no coding knowledge or execution what-so-ever.
If you don’t have at least a certain level of IT knowledge or education that was centered around computer sciences, this might all seem a bit daunting at first.
However, all you really need to do is follow the instructions that we’ve laid out, maybe do a bit of Google research, and you should be all set to tackle this configuration head-on.
As long as you back up your site beforehand, you really have nothing to lose and everything to gain from the HTTPS-enabled functionality.
* Denotes Required Field