My website says is not https and that is not safe. I have no idea how to make it https so my clients feel it is safe. For someone who has no idea on to move from http to https can someone walk me thru how to do it. Any help more than welcome.
An SSL certificate is required. Does your hosting provider provide āfreeā SSL certificates such as Lets Encrypt?
My hosting provider Siteground provides free Lets Encrypt thats is a simple one click install from the C Panel.
You then need to change your website address in Sparkle info panelā¦
Also if you have any documents such as images or media that is referenced outside of the Sparkle project file then you also need to change their URL to https://www.mywebsite.co.uk/images/image_1 as an example so they are not still referenced as http etc
Hope this helps,
Best,
Scott
4 Likes
If you are likely to have content linked to your website from http sources, you need to add an .htaccess file to the root of your domain containing the following:
Header set Content-Security-Policy: upgrade-insecure-requests
This will force the loading of http content into your web pages via an https request. If the content being accessed is not available via an https request, that content will not be displayed in your page, but your page will remain secured. If you donāt use this option, if your page attempts to display content via an http request, the content will display, but your page will become insecure.
2 Likes
@webmaker, Both @rimram and @francbrowne āare on the moneyā!
The one other thing Iāll had (which is also done in your cPanel) is force HTTPS by the function āDomain Redirectā. Although you have attached a SSL Certificate users that input (and even Google can do this) āhttp://wwwā or āwwwā can still rockup to your website with the āthis site is insecureā message popping up which just sucks!
So redirect all www and non-www onto https://yourdomain.com
2 Likes
@FlaminFig Thats a nice tip as well 