As you probably know, Google Inc. for a long time motivates users to move their sites to HTTPS protocol due to web safety, and since January 2017 started to mark HTTP sites that gather passwords and cards information as non-secure. Google Inc. going to make this with all HTTP sites!
So if you decided to make your WordPress site more secure and optimized, but don’t know how, here’s a little and simple instruction to do it quickly and easy! To make this you just need to have access to the domain name control panel and to the WordPress admin area. Before you start – create backups of your site and database.
Firstly, you need to register on CloudFlare site, after that find “Set Up Websites” form and click “Begin Scan”. Now your service started to scan DNS records of your domain. In the case CloudFlare won’t find any records you may look for solution in hoster’s server settings.
So, look at your DNS settings and check whether such entry like this exists:
A domain.com 000.000.000.000
And if you don’t find it, add it manually.
Аis record type
domain.comis your domain name without www
000.000.000.000is your server’s IP address
And don’t forget to check if MX records of a domain name exist in the settings. And if you need to add alias www just add next record:
CNAME www domain.com
domain.com is your domain name.
If everything goes well, CloudFlare will inform you about new NS server parameters you have to change in the domain control panel. After you finish that, go back to the CloudFlare, find SSL menu on the Crypro tab and select Flexible.
In your WordPress admin area go to Plugins -> Add new, install and activate 3 plugins: CloudFlare, CloudFlare Flexible SSL and Better Search Replace.
This plugin will allow you to control some cloud parameters in WP admin area.
Now enter email address, you indicated upon registration on CloudFlare and API in the plugin settings. In order to get API Key follow the next path: CloudFlare.com -> My settings -> Global API Key –> View API Key and paste it in plugin settings. Right after plugin authorization process finished click Apply on Apply Default Settings menu item.
Better Search Replace Plugin
This plugin helps to search and replace such Database parameters as HTTP protocol in menus, plugin settings, modules, data and in other places. But you’d better don’t do this if you have external links and images on your site. Otherwise you can apply this simple algorithm:
In Tools menu of WordPress find Better Search Replace and in field Search for enter http://
In field Replace with enter https://
Select all tables, check Searches are case-sensitive by default and uncheck Run as dry run?
Click Run Search/Replace.
In WordPress Settings choose General and change WordPress Address (URL) and Site Address (URL) to
That’s all! In 48 hours your site will work on HTTPS.
In addition to security issues, search engines like HTTPS sites much more. To help search engines find you correctly indicate your new site address in Google Search Console. As you see, the site moving procedure is very simple, but very useful. Besides that, you have to do it anyway, because of Google security policy, so let’s do it as soon as possible.