Upgrading to https

[fagricipni]

I am trying to make sure that I know all of the steps that I need to take to make my websites use https rather that http.

First, I understand that I have to put a request in through the QuestAdmin form to each site to use a Lets Encrypt certificate. Since this costs $20 per site, I'll do it one site at a time.

Then I change the .htaccess file to redirect http requests to https requests.

Then I should change any "http://" references in my pages that refer to my own pages to "https://" (I understand that the change to .htaccess make this step strictly unnecessary, but I'll do it anyway.)

[Bob]

Quote:

Originally Posted by fagricipni

First, I understand that I have to put a request in through the QuestAdmin form to each site to use a Lets Encrypt certificate. Since this costs $20 per site, I'll do it one site at a time.

Then I change the .htaccess file to redirect http requests to https requests.

Then I should change any "http://" references in my pages that refer to my own pages to "https://" (I understand that the change to .htaccess make this step strictly unnecessary, but I'll do it anyway.)

Step 1 is correct, however Step 3 should be done before Step 2 and changing the .htaccess file will NOT correct all HTTP references...

Before Step 2 you would want to make sure all internal navigation is updated to HTTPS just for sanity's sake but most importantly you must update any coding in your web site that refers to images from HTTP to HTTPS to avoid the Dreaded "insecure site and mixed-content warnings", this includes background images, if used.

-Bob

[Kevin]

It should also be mentioned that step 1 is per FutureQuest account not per domain/site. If your account has IRs (I looked at both of yours and they don't but this will apply to others) the IRs will be covered i the same certificate at the same price.