How to make an HTTPS connection? What is the difference between sites on HTTPS or HTTP?

In a global network, scammers and hackers dailytry to steal personal information. In the past, phishing was considered the most popular method of abduction. An attacker replaces the original site, and data from the user fall into his hands (passwords, card numbers, private messages, etc.). To solve this problem, we created a secure HTTPS connection. Therefore, site administrators often worry about how to create and configure a secure https connection.

how to make https connection

What is HTTPS and why is it needed?

Before translating a site to an HTTPS connection, you shouldunderstand what it is and how it works. HTTPS is a secure version of the HTTP protocol (Hypertext Transfer Protocol), it transmits the necessary data for the operation of the pages (browser name, screen resolution, availability of cookies, etc.).

HTTP is used by developers to send andobtaining variables, without this protocol, the sites will not be able to function. All files transmitted via HTTP, could previously be easily intercepted using a fake site (phishing).

By a similar method passwords, logins,Card numbers, secret messages and other important information. To protect users from phishing, they have invented SSL certificates and verified their authenticity before starting the exchange of information.

HTTPS must be used on bankwebsites or online stores. If these resources do not have a digital certificate, the browser will not allow the connection, and a warning about the danger will be displayed. As a consequence, the site will lose the confidence of its users.

how to make a secure connection https

What is an SSL / TLS certificate?

The main innovation in HTTPS ismandatory use of digital SSL certificate. This is a file in which all the information is stored (server IP address, country of the site, owner's e-mail, etc.). The digital document is encrypted on the site server and on the certification authority server (GoDaddy, Comodo, etc.). With each connection, these files are compared, and if they are the same, the connection continues. Otherwise, a security warning appears.

Many readers do not know how to make a secure connection https. The first step is to obtain an SSL certificate from a trusted center. There are different types of these documents:

  • DV - confirm only the domain (for small sites and blogs).
  • OV - domain and organization are verified.
  • EV - extended check (a green bar and a lock in the browser will appear).

The most preferable for stores and banks is the EV option. Further there are additional specifications in the form:

  • SGC (supports older browsers).
  • Wildcard (subdomain support).
  • SAN (alternative domains in one certificate).
  • IDN (support of national www domains).

For most sites, it is sufficient to use the DV SSL certificate. It is inexpensive and guarantees protection against phishing.

how to create an https connection

How to translate a site to a secure connection

Increasingly, online business owners are interested,How to create a secure connection https. For these actions, you will have to make some changes to the code of the pages. The most important is to write an additional rule in the .htaccess file. It stores the code for setting up the Apache web server.

Most of the hosting services allow through the panelmanage the SSL certificate for the server. For more information on how to do this, contact your service provider. The whole process of site translation can be divided into the following stages:

  1. Obtaining an SSL certificate.
  2. Installing the certificate on the server.
  3. Change of internal links of a site.
  4. Configuring redirect to port 301.
  5. Change Hosts to robots.txt.

If you use paid hosting such as beget, thencontact the support service with a certificate, and all further actions will be performed by the service staff. The most difficult step in answering the question of how to make an https connection is to configure the redirect .htaccess, since most scripts do not help.

how to create a secure https connection

Getting the certificate and installing it on the server

Theoretically figured out how to make httpsconnection, let's proceed to the action. The first step is to get an SSL certificate from one of the tested centers. On the Internet, you can find many different options in different price ranges. At present, there are 2 centers for obtaining a free document:

  • WoSign.
  • Startssl.

Other services require payment. The amount depends on the type of certificate and its additional features (multi-domain, support for old browsers, etc.). Certification Centers:

  • Reg.ru.
  • Godaddy.
  • Hostland.
  • Symantec.
  • Comodo.
  • GlobalSign.
  • Thawte.

In addition, some hosting providers provideto its users SSL certificates when purchasing a certain tariff plan. The certification site details the necessary actions. But the whole procedure consists of the following stages:

  • Generating the CSR request;
  • filling out the site mail (admin @ [site address]);
  • filling information about the owner of the domain (for EV and OV document).

The CSR request includes general data forverification (domain name, organization, city, province, country). After filling in the information, the user receives 2 codes (secret key and CSR code), be sure to save them in a separate document. Send this code to receive an SSL certificate and wait for it to be issued from the center.

Now go to the hosting site and findsection "SSL certificate" or contact support. It will be necessary to provide information about the CSR code, the private key and the certificate. Do not forget to enable SSL in the hosting panel.

How to create and configure a secure https connection

How to create https connection on a permanent basis

After placing the file on the server, you need to perform the internal configuration of the site. It will be necessary to set up a redirect and change all internal links from absolute to relative.

That is, instead of http://site.ru/img/bg.png set: //site.ru/img/bg.png.

It is necessary to remove HTTP from the names of links. If in doubt, then call a WEB programmer or freelancer, he will quickly set it up. You can search for links through the code editor in each file or find all the information through the search in PhpMyAdmin.

After setting up the links, you need to tell the search engines about the change. Open the robots.txt file and in the Host line: put HTTPS instead of HTTP.

Instead of http://example.ru, paste: https://example.ru.

After changing the search file, I'll set upautomatic site redirection from HTTP to HTTPS. Before proceeding, check the availability of the site on the HTTPS protocol. If all past actions are performed correctly, then errors should not occur.

To automatically redirect to a secure connection, paste this script into the .htacess file, some help:

RewriteEngine on

RewriteCond% {HTTP: X-Forwarded-Proto}! Https

RewriteRule ^ https: //% {HTTP_HOST}% {REQUEST_URI} [L, R = 301, NE]

But in most cases this method does not work. In these situations, contact your hosting administrator, he will be able to make the correct settings. Redirect will start to work after the server is restarted, usually within 24 hours.

Also need to change the settings inpanel webmaster "Yandex" or Google. You will need to go to the point of the main mirror in the indexing settings section and install HTTPS. In addition, you will need to migrate:

  • sitemap.xml;
  • URL exceptions;
  • geolocation;
  • Links Disawov Tool for Google.

After that, it remains to wait for the end of reindexing. During this period, the activity on the site will decrease, but then everything will stabilize.

How to make https connection in WordPress

Modern blogs and portals mostly workon WordPress, they need to follow the same steps to go to https (get a certificate, change links, etc.). But they have a set of built-in plug-ins that will perform all actions for the owner:

  • easy HTTPS redirection;
  • HTTPS (SSL).

The first replaces the links, and the second allowsspecify SSL certificate. Also, go to Settings-> General. Here you need to change the URL and specify the HTTPS protocol. Make sure that the old pages also have a secure connection. After changing the links, configure the redirect and edit the robots.txt file.

There should be no more questions on how to makehttps connection on the site. On most hosts, to enable the protection mode, you only need to write to tech support. They will appoint a specialist, and he will perform the setting.

Similar news


What is an HTTPS port, and what are the ways to open it

What is an HTTPS port, and what are the ways to open it

How to make a redirect from http to https, and why is it needed?

How to make a redirect from http to https, and why is it needed?

Configure the proxy server in the Opera browser.

Configure the proxy server in the Opera browser.

SurfOffline - the program for downloading the entire site

SurfOffline - the program for downloading the entire site

On a journey over the Internet. URL

On a journey over the Internet. URL

How to delete a site or its fragments from the Google index

How to delete a site or its individual fragments from the index

Sites content aggregators: limitless sea of ​​information in one resource!

Sites content aggregators: the boundless sea of ​​information in

How to make a microloan online and receive money in 15 minutes?

How to make a microloan online and receive money in 15 minutes?

Why does not it work

Why does not the "Kiwi" purse last?

Children's toy: interesting and safe

Children's toy: interesting and safe