• Home
  • Archive
  • Tools
  • Contact Us

The Customize Windows

Technology Journal

  • Cloud Computing
  • Computer
  • Digital Photography
  • Windows 7
  • Archive
  • Cloud Computing
  • Virtualization
  • Computer and Internet
  • Digital Photography
  • Android
  • Sysadmin
  • Electronics
  • Big Data
  • Virtualization
  • Downloads
  • Web Development
  • Apple
  • Android
Advertisement
You are here: Home » WordPress SSL Setup Tips, Tricks and Planning

By Abhishek Ghosh August 3, 2014 5:40 pm Updated on August 10, 2014

WordPress SSL Setup Tips, Tricks and Planning

Advertisement

Old WordPress SSL Setup demands tips, tricks and planning to implement and not harm SEO. What we have described is industry’s standard, unlike using cheeper hosting, PHP dependent redirection like written in many websites.

They can be popular and easy method but, know it very well; they has inherited risks of becoming PHP ( Read Apache2 ). First Extended Validation Certificate is not required by the most – simple logic to understand – Google usually uses non-EV but wildcard SSL certificate for their own usage. It is about insurance not really about the method of encryption. Self Signed SSL will do the same work, but as it invokes warning, we ask to avoid for using self signed on public pages.

You can see our SSL Certificate by clicking the padlock icon telling “HTTPS” on the address bar :

Advertisement

---

Vim
1
https://thecustomizewindows.com/robots.txt

 

WordPress SSL Setup Tips, Tricks and Planning – Sales Pitch Does Not Work

 

If you are a client of Rackspace, ask them whether we are telling you the wrong. It is the brand of Certificate Issuing Company, the grade/reputation of IP a Server Provider which matter most. Secondly, if you follow his method, your all Social Sharing count will go away. The only way to redirect is from either Apache2 configuration file (best) or .htaccessfile. You must keep the Social Sharing Count to older higher one and selectively redirect http to https url. Yes, 301 redirection possibly do not harm the SEO but at least DMOZ bot flags the 301 redirection and automatically can delist – quite dangerous, you must inform the Editors on any Officially accepted DMOZ Editors’ network. Practically that above URL is a landing page to either send traffic to vps.net as affiliate or make to buy his products. Please read our articles on SSL or if you can not trust us, you can on Wikipedia. I think this is good must be logically said with data and analysis – that is what for the journals are published. EV certificate will be used by login page to very important page like Rackspace Cloud Account Login Page :

Vim
1
https://mycloud.rackspace.com/

We can show you, it is possible to retain the number of social Likes, shares even if the HTTPS address is used by our method. His method will change all the calls to get executed by the HTTPS version of files – you can do it, you’ll see, even HTTP url has all zero count. Why we will loss the 3K+ natural Pinterest share stat like in this post ? You can use our commands, methods on all standard web hosting service provider – Rackspace, Digital Ocean, Amazon, Dell, HP, Fuzitsu, Akamai to PaaS like Heroku, OpenShift – there will be no difference. Essentially HTTPS is a protocol. We only save the files on server, how we will server; which protocol we will use, that depends mostly on practical aspects. Actually the path of SSL material should be different from non-SSL. Otherwise via non-secured port 80, the content can get contaminated with malwares and pushed via port 443. All good website uses multiple servers behind as nodes and a load balancer in front. We can selectively serve the readymade pages as HTML via port 443 to enhance security. Load this page with HTTPS url and think why the counters remaining the same :

Vim
1
https://thecustomizewindows.com/2013/06/what-camera-mode-to-choose-depending-on-the-situation/

Frankly, its nothing – we are using the certificates on the Rackspace’s load balancer ! Simply think, why you’ll make a stuff too much complicated when you have some easy way to use? Why there is alert or the pad lock is not appearing can be tested here :

Vim
1
http://www.whynopadlock.com/index.html

This the result of debug :

WordPress SSL Setup Tips, Tricks and Planning

Only change you need to do is – use the HTTPS FQDN of the Rackspace Cloud Files container, if used as CDN. This will ensure serving of Encrypted static materials to automate the SSL migration.

 

WordPress SSL Setup Tips, Tricks and Planning – It Is Redirection, Nothing Else

 

So, except the blog is new, there is no need to anything for the sake of WordPress only. Nothing. You will plan how to fix the points, like we should change the static materials URLs to secured one – best way is to wget the whole website, manually edit the source code and place on a different server (there are automated ways – obviously it is different topic), open port 443 of this new server (node behind the loadbalancer) and add rules to redirect. There are lot of changes which are needed. Google has many subdomains where both HTTP and HTTPS both works. It is not couple of days work. You should change the url in all webmasters’ accounts.

Practically if we had fixed the static materials urls to https – this page would go https without trouble. As long HTTP 2.0 is not becoming the standard, we can work a bit plan-fully , taking the needed time.

 

WordPress SSL Setup Tips, Tricks and Planning – OK, Only WordPress Part

 

Old non encrypted website is old. You should plan about newer part. You can install WordPress on different path of the same server like /var/www/ssl/ and nicely craft the category pages, many links slowly – it is a huge work. This will ensure that new posts are always of newer secured installation, when people / visitors will share, they will share the HTTPS one. Also you have to change the url in syndication tools, Twitter card – lot of works. There are more external work – these can be planned by a Cloud Consultant like we have on Rackspace. We will not know what can create an issue for a different protocol on a device and browser we never saw. Ordinary visitors will fly away if they face any security prompt – they are really dangerous to read. To force HTTPS, you only need to add these on wp-config.php file :

Vim
1
2
3
4
5
6
define('FS_METHOD','direct');
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
     $_SERVER['HTTPS']='on';
// change the url from ours to yours
define('WP_HOME','https://thecustomizewindows.com');
define('WP_SITEURL','https://thecustomizewindows.com');

The last two lines are forcing the /wp-admin/options-general.php page’s WordPress Address (URL) and Site Address (URL). There is a Plugin that Rackspace managed installs on WordPress sites – Root Relative URLs Plugin :

Vim
1
https://wordpress.org/plugins/root-relative-urls/

All bigger websites who runs multiple WordPress (impossible to guess from outside) uses this plugin. What SEO can be related to a static file?
Try to avoid Plugins like WordPress HTTPS (SSL) which mainly uses PHP. 301 redirection is not the right way to serve a page – you can check this url on webpagetest.org :

Vim
1
2
3
https://yoast.com/video-seo-wordpress/
# webpage test
http://www.webpagetest.org/result/140803_Y6_HMF/1/details/

yoast's knowledge

This is what the bots will also get while crawling from another website – past was, essentially past.
There are hundreds of websites to help you how to use .htacees or Apache 2 config file to rightly redirect if at all needed.

Converting a website to HTTPS (SSL) is difficult than using a new WordPress with HTTPS (SSL) by default. Take that, you’ll have to serve the new content from a different website – http and https is not the same, PHP redirection can badly fail; it is mandatory to check the error logs regularly.

You should change the hand coded http urls to https to avoid 301 redirection within your own website (it is bad, quite bad – you are not directly giving link juice on your own website, may be Google can forgive for links from other websites but its bad to have 301 on own website). It is called MySQL replace function :

Vim
1
http://dev.mysql.com/doc/refman/5.1/en/string-functions.html#function_replace

We can easily replace all the embedded, hand coded post urls by running sql queries :

Vim
1
2
3
4
5
# search this website with mysql to get results
# which will guide you to use mysql from command line
# login to mysql server
mysql -h hostname -u username -p database name
# mysql interactive mode will start

Vim
1
2
3
4
5
6
# changes the stuffs in wp_options table
update wp_options set option_value = replace(option_value, 'http://yourpress.com', 'https://yourpress.com');
# changes links in wp_posts table
update wp_posts set guid = replace(guid, 'http://yourpress.com', 'https://yourpress.com);
# changes links in wp_post content table
update wp_posts set post_content = replace(post_content, 'http://yourpress.com', 'https://yourpress.com');

There is WordPress plugin, but it can dangerous to run sql queries being within WordPress. Always take backup for any step – backup of servers, backup of FTP and backup of MySQL database. No backup is a backup unless it is tested to be rightly working. Also, many supplies information about // which are not right, that is called hierarchical part of the URI :

Vim
1
http://en.wikipedia.org/wiki/URI_scheme#Generic_syntax

Try to load a non-https webpage appending // :

Vim
1
2
3
4
5
6
7
8
http://www.askvg.com/wp-content/plugins/akismet/_inc/form.js?ver=3.0.1
# will not load on GET request as there is no corresponding HTTPS url
//www.askvg.com/wp-content/plugins/akismet/_inc/form.js?ver=3.0.1
# It does not work because
https://www.askvg.com/wp-content/plugins/akismet/_inc/form.js?ver=3.0.1
# does not exist
# similarly it will not work
file://www.askvg.com/wp-content/plugins/akismet/_inc/form.js

But with both HTTP and HTTPS :

Vim
1
2
3
http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
# ssl
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

scheme-relative prevent warnings like that of self signed SSL certificates when ran from script; historically in CGI Scripting, also read these :

Vim
1
2
https://bugzilla.mozilla.org/show_bug.cgi?id=362259
http://stackoverflow.com/questions/4831741/can-i-change-all-my-http-links-to-just

We want to tell you – try to avoid this for CDN or static files.

This Article Has Been Shared 696 Times!

Facebook Twitter Pinterest

Abhishek Ghosh

About Abhishek Ghosh

Abhishek Ghosh is a Businessman, Surgeon, Author and Blogger. You can keep touch with him on Twitter - @AbhishekCTRL.

Here’s what we’ve got for you which might like :

Articles Related to WordPress SSL Setup Tips, Tricks and Planning

  • Installing Drupal on Rackspace Cloud Sites Guide

    Installing Drupal on Rackspace Cloud Sites is a bit tougher than installing WordPress or even installing Magento for the beginners.

  • Streaming Video and Audio from Server using VLC Player Video Guide

    Streaming Video and Audio from Server using VLC Player Video Guide shows how to configure Rackspace Cloud Server with VLC Player to stream your Audio or Video.

  • Hybrid Security for Hybrid Cloud

    Hybrid Security for Hybrid Cloud – Securing a hybrid cloud, poses great challenges. Not only for the users but also for the providers, it is not enough simple.

  • Shell Access on OpenShift

    Shell Access on OpenShift is possible through the command line tool. Basic UNIX commands and their own commands can be executed on OpenShift PaaS Cloud.

  • Points to Consider While Switching to Cloud Computing

    Points to Consider While Switching to Cloud Computing should be given importance for both web applications and enterprise applications, simply to save money.

Additionally, performing a search on this website can help you. Also, we have YouTube Videos.

Take The Conversation Further ...

We'd love to know your thoughts on this article.
Meet the Author over on Twitter to join the conversation right now!

If you want to Advertise on our Article or want a Sponsored Article, you are invited to Contact us.

Contact Us

Subscribe To Our Free Newsletter

Get new posts by email:

Please Confirm the Subscription When Approval Email Will Arrive in Your Email Inbox as Second Step.

Search this website…

 

Popular Articles

Our Homepage is best place to find popular articles!

Here Are Some Good to Read Articles :

  • Cloud Computing Service Models
  • What is Cloud Computing?
  • Cloud Computing and Social Networks in Mobile Space
  • ARM Processor Architecture
  • What Camera Mode to Choose
  • Indispensable MySQL queries for custom fields in WordPress
  • Windows 7 Speech Recognition Scripting Related Tutorials

Social Networks

  • Pinterest (24.3K Followers)
  • Twitter (5.8k Followers)
  • Facebook (5.7k Followers)
  • LinkedIn (3.7k Followers)
  • YouTube (1.3k Followers)
  • GitHub (Repository)
  • GitHub (Gists)
Looking to publish sponsored article on our website?

Contact us

Recent Posts

  • What is Voice User Interface (VUI) January 31, 2023
  • Proxy Server: Design Pattern in Programming January 30, 2023
  • Cyberpunk Aesthetics: What’s in it Special January 27, 2023
  • How to Do Electrical Layout Plan for Adding Smart Switches January 26, 2023
  • What is a Data Mesh? January 25, 2023

About This Article

Cite this article as: Abhishek Ghosh, "WordPress SSL Setup Tips, Tricks and Planning," in The Customize Windows, August 3, 2014, February 1, 2023, https://thecustomizewindows.com/2014/08/wordpress-ssl-setup-tips-tricks-planning/.

Source:The Customize Windows, JiMA.in

PC users can consult Corrine Chorney for Security.

Want to know more about us? Read Notability and Mentions & Our Setup.

Copyright © 2023 - The Customize Windows | dESIGNed by The Customize Windows

Copyright  · Privacy Policy  · Advertising Policy  · Terms of Service  · Refund Policy

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Cookie SettingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT