Moving to HTTPS: Five important steps

It’s nearing the end of the year, and it’s important that you switch your site to HTTPS soon, and get it done right as Google will be enacting changes from January. We’ve heard some horror stories about hosting companies applying HTTPS without informing site owners. If this happens to you, it will result in a drop in rankings. You need to get your site prepared ahead of time for a smooth transition.

There are five basic steps for switching your site to HTTPS. Here are the basics:

  1. Get the HTTPS certificate from your service provider. Make sure it’s a 2048-bit certificate, for the highest security. Your host should handle the purchase and installation. Investigate what type of certificate you need, as it varies depending on how many sub-domains you have.
  2. Remove all the HTTP references on your site. Search for JavaScript, CSS files, embedded videos or anything that goes into creating your pages. This won’t be automatic; you’ll have to do each page individually. Check external resources such as widgets, as well, as they can also have an effect.
  3. Redirect all the HTTP references to the correct HTTPS pages. Set up the HTTPS version in Google Search Console.
  4. Leave the old HTTP in Google Search Console alone. We presume that Google will use that as a comparison reference. Set up your HTTPS sitemaps in Google Search Console, along with your HTTP sitemaps. A little counter-intuitive, I know, but that’s what Google’s asking for.
  5. Once you’re sure you have everything in place, run a check using Screaming Frog or something similar. Do a protocol check to make sure that the only HTTP references are external links, and not actually part of your site, then closely monitor your site for the next week or so.

This article was first published on

Jim Stewart is a leading expert in search engine optimisation. His business StewArt Media has worked with clients including Mars, M2 and the City of Melbourne.


Notify of
Inline Feedbacks
View all comments