Now you have the first step done(getting the certificate), you next step is to check for mixed content. Things like warehoused images or other resources that are referenced by a full URL that contain http and change them to https.
Why no padlock can help with that:
https://www.whynopadlock.com
After that’s done then you should redirect non secure requests (http) to the secure forum (https).
There’s a ton of posts on this forum that address doing that, most often it’s done with.htaccess file.
Thanks Doug. I think I know what to do now. This is some work, but I guess it’s “do only once” work, and a good move forward. I have seven sites and only one that I’m concerned about Google ranking, so changing the others is not important to me at this time.
1 Like
It’s good if you can to change them all. It’s not just about ranking, I would guess it won’t be long before it becomes a lot more than just a little warning in the address bar. I can see in the not to distant future a much more extreme warning, like the ones you get with a bad certificate.
So even if it’s not important now, I would put it on your todo list.
I’ve just written a blog post about this: https://blog.realmacsoftware.com/remove-not-secure-rapidweaver-https/
There’s also a video on there showing you how to add your site to CloudFlare — I recommend CloudFlare for most users. It’s a free service and allows you to easily add HTTPS to your site (as well as giving you a CDN, caching, DDOS protection, and more!).
Yeah, CloudFlare will block ftp. They are doing a lot more than just a certificate, preventing other attack’s.
They block most ports to your server including ftp, so take a look at that article, it gives two options to fix this.
Bluehost tells me this is automatic after 24 to 48 hours. I will wait and see.
I don’t believe Bluehost is correct. I had to add a .htaccess file, and now it redirects.
1 Like
My host posts this notice. Does that mean it is https?
SECURE SOCKET LAYER SERVICES
At Netfirms, any file that you can access via your domain can be accessed through a Secure Socket Layer (SSL) connection as well.
To access any of your files through a SSL connection, use the following URL:
https://widman.netfirms.com/
… where is the name of any file in your web directory.
Files in subdirectories will work too. Just use
https://widman.netfirms.com//
… where is the name of any subdirectory.
1 Like
It would mean you have a certificate (SSL) on your domain. So you can access your site through HTTPS. You will need to check for mixed content, fix anything that is considered active mixed content. Then you should redirect all HTTP traffic to HTTPS.
https://www.whynopadlock.com Will help identify the mixed content.
1 Like
ok, where are these certs are FREE where you can sue them on any hosting site??
Hi, Michael, if you mean “where you can see them on any hosting site”, it was explained in my previous post:
Some host do not provide FREE certificates. Instead, they expect to be paid for them. So, if you’re in doubt, ask your host. If they don’t have free certs, find another host.
1 Like
This topic was automatically closed 6 days after the last reply. New replies are no longer allowed.