From July 2018, with the release of Chrome 68 - Now your website users know the level of security as google flags your website if your site is not secured by SSL making SSL mandatory as a web standard. 

Google flags your website if your site is not secured by SSL

Why I need SSL?

Builds User Trust & Your Brand

Users are smart and they must be! SSL secured websites play a critical role to make your website trusted and assuring your users that their information is safe with your site.

You have already installed the SSL on your site and now the only task is to redirect all your pages from Http to Https.

I have SSL installed, but my browser says my site is insecure

Even if you have installed the SSL properly on your site you may such warning in the browser address bar. 

After the SSL installation, we need to tell the server that from now redirect all visitors to the Https version of the site 

We do this using .htaccess. Below is the code to your need to put in your .htaccess to redirect all the pages from Http to Https. 

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

If your site is built with WordPress, you need to use the below code

# BEGIN WordPress
<IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteBase /

 RewriteCond %{HTTPS} !=on
 RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# BEGIN WordPress
 RewriteRule ^index\.php$ - [L]
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteRule . /index.php [L]
</IfModule>
# END WordPress

Great! Now all the pages will redirect to Https.

How to fix the mixed content issue

Even though we have SSL installed and .htaccess setup properly, we may see a few pages as insecure. This may be caused by mixed content issue.

Mixed content means that the page is loading both Https and Http scripts or content at the same time. 

Open the console (Ctrl+Shift+j or F12 key) on the page you are facing such issues. Check for all the non-Https scripts and content on the page.

If it shows a few scripts or content, then go ahead and fix them manually by editing the post, page, or file and replace Http by Https.

If you are using WordPress based site, there are many plugins to fix this in one go.

Log in and go to the plugin and add a plugin "SSL Insecure Content Fixer". Activate the plugin and select the Simple option. It automatically detects all scripts, stylesheets, and WordPress media library images and fixes the mixed content error.

You can select other additional options if the issues aren't fixed with the Simple option.

 

 

#Code Snippets #htaccess #WordPress