Webhosting – Configure HTTPS on Web

  Web Hosting

In this article, you will learn:

HTTPS Connection Prerequisites

In order for your Webhosting site to be able to use a secure HTTPS connection, you must first activate it in the customer administration panel in one of the following ways:

Force HTTPS

Simply turning on HTTPS on Webhosting does not mean that the site will automatically switch to secure mode. After successfully activating HTTPS and the certificate on the Webhosting, set the website to use a secure connection.

A secure website (with lock icon)

In your site’s administration or configuration file, edit the settings to use a secure connection. The settings may differ, for example:

  • change website URL to contain https://
  • force SSL or HTTPS in Settings
  • install a security plugin

To find out the best solution for your system, consult your web developer/admin or CMS support.

If the above settings are not available or not enough, add HTTPS redirect rules to the .htaccess file (in the www folder). Copy and paste these rules immediately below the existing RewriteEngine On line:

RewriteCond %{HTTPS} off 
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R=301,L] 
Header set Content-Security-Policy "upgrade-insecure-requests;"

Adding this code may cause our app installer to not work properly. If you encounter an error with the .htaccess file during installation, restore the default .htaccess temporarily and replace it with the automatically created backup after a successful installation.

HTTPS in Common CMS

  • WordPress: Change both URLs in WordPress administration panel >> Settings >> General.
Sample HTTPS settings in the WordPress content management system
Sample HTTPS settings in the WordPress content management system
  • Joomla: Open the configuration.php file and change the URL in the public $live_site variable. Update .htaccess with the above code.
  • Prestashop: In the administration panel, go to Store settings >> General >> Enable SSL and select Enable SSL on all pages.
  • Opencart: In the administration panel, go to  System >> Settings and choose a store. Select the Server tab and check Enable SSL. Update .htaccess with the above code.
  • Drupal: Update .htaccess with the above code.

Common Issues

Common issues with setting up HTTPS on your website include:

Website Error after Forcing HTTPS

Issue: After setting up HTTPS, the website displays either 404 Not Found, or Not found on Accelerator.

Cause: HTTPS is not active on the Webhosting itself, or the activation of the certificate has not yet been completed.

Solution: Make sure that the domain is added to the certificate and that at least half an hour has passed since it became activein the customer administration panel.

Broken Web – Mixed Content

Issue: After setting up HTTPS on the site, CSS stopped working, images and other media are not displayed.

Cause: If the main page uses a secure HTTPS connection, the browser perceives all resources loaded via the HTTP protocol as potentially dangerous and blocks them.

Solution: If you’re using your own code, go through it and verify that you’re specifying absolute file addresses with HTTPS, not HTTP. For example, update http://domain.tld/image.jpg to https://domain.tld/image.jpg.

If you’re using a content management system, for example WordPress, look up in its documentation or ask support how to fix mixed content.

Google Search Console Error

Issue: After forcing HTTPS, I see a redirection error on GSC.

Cause: If your .htaccess file uses the code RewriteRule (.*) https://%{SERVER_NAME}/$1 [R=301,L], there is a redirect from the non-secure version of the page to the secure one with a 301 (permanently moved) return code. Some diagnostic and analysis tools may see this as a problem.

Solution: Try disabling the problematic code by placing the # character at the beginning of the line. Thoroughly test that this modification did not break HTTPS.

FAQ

Question: How do I check that HTTPS is working correctly?
Answer: Enter the address of your website with http (http://domain.tld) in the browser. If you have everything set up correctly, the address will automatically be corrected to the https version and typically marked with a lock icon. If this does not happen, carefully go through the steps of the guide again, including editing the .htaccess file.

Děkujeme za zpětnou vazbu!