SSL certificates and HTTPS

.[lead]. Nowadays it is a matter of course and even necessity that your website runs on HTTPS. If not, browsers will mark it as untrusted.

There are 2 things needed for a website to work properly on HTTPS:

  1. redirect the site from HTTP to HTTPS
  2. Have an active SSL certificate on the hosting
1. How to redirect a website from HTTP to HTTPS

This depends on what type of site you have. If it's a regular site, checking HTTPS via our Administration (see below, this is done at the same time as activating the SSL certificate) should be enough.

Or you can set it up yourself in your site in the .htaccess file by adding these lines:

RewriteEngine on
RewriteCond %{HTTPS} off # condition that the current protocol is HTTP
RewriteCond %{HTTP_HOST} ^(www\.)?vasedomain.end # condition that this is a www subdomain or no subdomain
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] # the actual redirect to HTTPS protocol

What this entry does is that if someone visits your site on HTTP, it will redirect them to HTTPS.

However, some sites may be programmed differently, and this entry will not be sufficient for them. Typically, this is the case with WordPress, where, for example, the „Really Simple SSL“ plugin needs to be installed:https://cs.wordpress.org/…-simple-ssl/. This should handle the redirection to HTTPS.

2. How to activate SSL certificate on hosting

At Blueboard.cz, certificates are free and are activated in Administration → My Domains → select domain → Activate certificate button. A window will pop up, where you can choose whether you want to redirect the site to HTTPS right after activation. You confirm and within 15 minutes your site is running on the secure HTTPS protocol.

If you're wondering what this is for and why you have to turn it on

HTTP and HTTPS are the protocols through which your browser communicates with the website you are currently visiting. Over these protocols, data flies from the server to your browser and displays the web to you. When you enter, for example, your password into the website, the data flies back to the server via these protocols.

The difference between HTTP and HTTPS is that HTTPS is encrypted, so if you enter your password somewhere on the web, no one can intercept it along the way and steal it from you.

The web can communicate with you on both protocols, but as of a certain point, communication on the HTTP proxy is now considered insecure. So they're moving to HTTPS en masse.

For HTTPS to work properly, you still need to have an SSL certificate installed on your site. This is usually provided by your web host, it is set in the hosting administration. Certificates used to be paid for, but then came Let's Encrypt certificates, which are free and now commonly used.

© 2001-2023 Blueboard.cz s. r. o.