HTTPS will help make your site more secure. If you don’t have it already, it will be a switch you will want to make at some point in the future. This article will show you how to convert HTTP to HTTPS for free if you are using Bluehost as your web host.
Many people have been getting notices from their web hosts that their sites may be labeled as “not secure” or “not private”. This all has to do with whether or not your site is HTTPS and has an SSL certificate. If this is confusing to you, keep reading!
Before launching my blog, I kept it hidden in maintenance mode in WordPress. In the dashboard settings, I originally typed in ‘thecuriousfrugal.com” in the text field for website name, not paying any attention to what came before that. It turns out I kept the basic settings which looked like this:
What I wish I had set it up as:
What can happen with not using HTTPS is some visitors to your blog could see a page that looks like this:
This is not what you want your readers to see when they visit your website!
When doing the very initial set up steps for this blog, I didn’t give much thought to http versus https, even though I do notice it with other websites. I got so caught up in so many other start-up tasks that I completely forgot about this very important step.
Why should you convert from HTTP to HTTPS?
Google has indicated that a warning will show on any pages that take information, so that means email signups, newsletter signups, contact forms, and e-commerce input fields (such as credit card numbers). To keep up-to-date with the latest standards, you want your website to run HTTPS with an SSL certificate. HTTPS adds another layer of security to HTTP, by encrypting data, for example passwords or email addresses that are entered into a form on your webpage.
If you are just starting your blog, it is easiest to start off right away with https.
I didn’t do this so I had a few extra steps since I already had blog posts with urls that were http. Although I have a degree in computer science, I am not a web security expert and do not know the nuances of http and https.
There are many great websites out there that can explain the theory and details if you are interested. For myself, I was mainly interested in getting my blog fixed and making sure my visitors don’t get that warning page above.
I use Bluehost to host my blog and to convert from http to https.
I will walk you through a quick tutorial on how I did this, including screen shots. Again, there are many ways to do this, but this is what I did and what worked for me.
This post may contain affiliate links. Please read my disclosure for more info.
How to convert to HTTPS on your WordPress site through Bluehost
Login to your Bluehost account.
Go to My Sites.
Click on Manage Site.
Click on the Security tab.
Under Security Certificate, the default setting for Free SSL Certificate is OFF. Click on this to toggle to ON as you can see in the image below. This means you are requesting Bluehost to give you a free SSL certificate for the domain you registered with them.
If you refresh this page, you will see that the free SSL certificate is now In Progress.
When this is complete, if you check your Settings by clicking on the Settings tab in Bluehost, you will see that your website has https:// in front of it. This is exactly what you want!
Next you want to navigate back to your WordPress dashboard. You need to make sure that WordPress knows you are now using https instead of http. Go to Settings in WordPress, then click on General. Add an ‘s’ to the WordPress address (URL) and Site Address (URL) fields. This will change it from http://yoursite.com to https://yoursite.com.
Try out your website by typing in the new secure URL into your browser.
Other resources to help you with your blog or website:
- An easy way to do a WordPress backup without plugins or FTP
- Don’t forget this step in MailChimp
- Doubts and fears about blogging… and how to get over them
- 3 things I learned the first month of using MailChimp
Tips to remember when you convert from HTTP to HTTPS:
- Make sure any automated newsletters/campaigns you have already set up have the URL changed to HTTPS
- If you have internal links in any of your blog posts, you should update them so that they say HTTPS and not HTTP
- Make sure any landing pages you have created also are updated to HTTPS
When I converted the site from HTTP to HTTPS I had a couple of links not work correctly until I found them and fixed them. So try out the main links on your site to make sure everything is still working well.
More and more people are getting email messages from their hosting providers letting you know that your site might be labeled “not secure”. This is something that most people will want to fix over time. You want your website to be secure and your readers to have trust when they visit your space. If you have Bluehost as your website host, they make it simple to convert from HTTP to HTTPS.
I hope these steps help you convert your own website or blog!
If you don’t have a website yet but are interested in starting one, I have an easy tutorial to walk you through the steps here.