How to Add WordPress HTTPS to Your Website and Improve SEO

Back in 2014, Google made the announcement that HTTPS was officially a ranking factor for Google search. That one little decision took HTTPS from thing that only eCommerce stores need to worry about to something every WordPress user should implement if they want to maximize their search rankings. But as important as it is, WordPress HTTPS is, thankfully, also surprisingly easy to implement. Heres how to add WordPress HTTPS to your website.In this post, Im going to show you exactly how to add HTTPS to WordPress using a live production site. Ill cover everything from implementing HTTPS  on your WordPress site to updating Google Analytics and the Google Search Console.Step 1: Add WordPress HTTPS by installing your SSL certificateWeve already discussed some sources for cheap WordPress SSL certificates, so you might want to take a quick detour there if youre not sure where to get started. Because SSL certificates are what get you the HTTPS connection for your WordPress site, the two ter ms will be used interchangeably in this article.If youre using shared hosting, the easiest SSL certificate for you to implement is Lets Encrypt. As Sufyan discussed, Lets Encrypt certificates have the advantage of being both free and widely supported by hosting providers.That second point is essential, because unless youre hosting your WordPress site on a dedicated server, youll need your hosts support to install an SSL certificate.So, to get your Lets Encrypt SSL certificate installed, I recommend you contact your hosts support or consult their knowledge base. Unfortunately, I cant give you exact instructions because the specific process will vary depending on your host.For example, with SiteGround I just need to click one button in my cPanel, but your host might be different:Once your SSL certificate is installed, you can verify that its active by going to https://yourdomain.com. If the certificate is properly installed, you should see something like this:Google is telling you tha t the SSL certificate is active, but the connection still isnt 100% private due to some issues well fix in the next step.On the other hand, if your WordPress HTTPS  is not properly installed, youll encounter something like below and will need to contact your host:Step 2: Install and configure the Really Simple SSL pluginRemember how I said you need to fix some issues to make your SSL certificate function properly? The Really Simple SSL plugin is the easiest way to do that.Google gives that connection is private BUT warning because your WordPress site still includes images or other media which are inserted using the regular http:// URL, rather than your new https:// URL. To fix the issue, you need to go back and update every single image link to https://.Luckily, you dont need to do that manually. The Really Simple SSL plugin will handle that for you. The plugin will also make two other important changes:It updates the URL for your site to HTTPS in the WordPress settings.It adds a 301 redirect to send all human and search engine traffic to the HTTPS versions of your pages. This is essential to avoid a potential duplicate content penalty in Google.To handle all of this, install and activate Really Simple SSL. Really Simple SSL Author(s): Rogier Lankhorst, Mark WoltersCurrent Version: 3.2.6Last Updated: October 15, 2019really-simple-ssl.3.2.6.zip 98%Ratings 19,039,878Downloads WP 4.6+Requires After the activation, you should see a popup like this:Click Go ahead, activate SSL! After clicking the button, youll likely get signed out of your dashboard and be asked to sign in again. Dont worry this is a natural consequence of changing your WordPress URL from HTTP to HTTPS. Just sign in again with your normal username/password.You should see that the URLs in your General Settings now have HTTPS:To make sure all the other SSL settings were properly updated, go to Settings → SSL.  You should see green checkmarks next to all the settings:Step 3: Verify WordPress HTTPS  success on the front-endNow, you should go to the public parts of your site and verify two things:First, make sure that if you enter your URL as http://yourdomain.com, it automatically redirects you to https://yourdomain.com.Then, make sure that you see the green padlock on all of your sites pages. If youre using Google Chrome, it should look like this:Thats all you need to do to add WordPress HTTPS! But, you still need to take care of a couple housekeeping issues if youre using Google Analytics, a CDN, and/or Google Search Console.Step 4: Update your sites URL in Google AnalyticsTo keep your stat tracking accurate, you need to change your URL in Google Analytics from HTTP to HTTPS. To do that, go to Admin → Property Settings. Then, change the dropdown from http:// to https:// under the Default URL setting:Make sure to save your settings. The tracking code you added to your WordPress site will stay exactly the same, so you dont need to update anything beyo nd this page.Step 5: Create a new property in Google Search ConsoleUnfortunately, if youre using Google Search Console, you cant just simply change the URL for your site. So, to create an updated property, youll need to create a new version for HTTPS. Go to the Google Search Console site and click Add Property:Notice how I have two versions for my portfolio site? Thats because I recently switched it to HTTPS.Follow the steps to add your site. You should also add a sitemap for the HTTPS version of your site:Once youve added the HTTPS version of your site, everything about Search Console will function just like before.Step 6: Update CDN  URL to HTTPSIf youre using a CDN (content delivery network), youll likely need to update your URL in your CDN settings as well. Because the exact process will depend on the specific CDN youre using, I cant give you specific instructions.You should contact your CDN or review your CDNs support documents to determine if/how you can update your URL to H TTPS.If you have no idea what a CDN is, you can totally ignore this step!Step 7: Update any links you control to HTTPSIf you link to your WordPress site from any social media profiles or other external sites, you should update all of these links to point to the HTTPS version of your site. You can also email any friendly webmasters who link to you and ask them to update the URL to your site.This isnt an absolute necessity because the Really Simple SSL plugin added 301 redirects to automatically send HTTP traffic to HTTPS. But, it is a best practice, and eliminates the need for redirects.Will switching to WordPress HTTPS cause a temporary rankings dip?Google has been pretty clear that SSL is a positive ranking factor. But, some people are worried that the actual process of switching to WordPress HTTPS  might cause a temporary rankings dip.I only recently decided to add WordPress HTTPS  for my site, so I cant say whether it will affect organic rankings from firsthand experience (Go ogle hasnt re-crawled my site yet). But I have read quite a bit about the subject and the general consensus seems to be that there is no significant temporary rankings dip. As far as URL changes go, this is a pretty minor one, and one that Google can easily understand.If you have any further questions about how to add WordPress HTTPS, let me know in the comments, and Ill try to help!Free guide5 Essential Tips to Speed Up Your WordPress SiteReduce your loading time by even 50-80% just by following simple tips.