There are several reasons for moving Magento online store to https:
- user’s information protection;
- SEO (Google ranks https sites better);
- website protection.
Everything seems to be great, your website will only benefit from moving to https from different point of views. But the crawler doesn’t know by default that http://example.com and https://example.com are the same sites and indexes your http version and https version as separate. It looks like duplicated content and it’s bad. It means that you have to change URLs to the new ones (with https). It is hurting for SEO because when Googlebot visits your http pages it doesn’t replace it with https URLs at the moment. When the crawler finds 301 redirects it will remove the page from the index and will go to the new one and will index it. It will take some time for the new URL to get the positions that the old one had. The process of replacing all URLs takes up to 6 months.
You will see your positions falling and slow rising again. Low positions = less visitors = less conversions. It isn’t pleasant at all but you still need to move your Magento store from http to https.
How to move Magento online store from http to https correctly?
You can make this transferring process less painful as it could be. The right moving to https looks like that:
- Add https version to Google Search Console. Submit sitemap on the https version of the website and on Search Console. The crawler will start to index the new pages. Don’t forget to add robots.txt file.
Common issue: http links in the HTML. Check if all links in HTML code have URLs with https (pages, scripts, images, css, etc.). It is even better to place relative links to prevent mixed content errors. - Add https website sitemap to your http website. Add the link to it in robots.txt as well.
- When most of your https pages are indexed (check this information in Search Console) add 301 redirects on http pages. It is important to add 301 not 302 redirects because the first one shows the crawler that the page was moved permanently while the second one shows that it was moved temporarily.
Common issue: wrong redirects. Check if 301 redirects lead to the same pages of https version. For example, the redirect at http://example.com/category has to lead to https://example.com/category (not to https://example.com). The redirect at http://www.example.com/category has to lead to https://example.com/category (not to http://example.com/category or https://example.com/). There is shouldn’t be a chain of 301 redirects.
You may find out that your http pages redirect to the main https page. Check if there is NO in the option Auto-redirect to Base URL Stores at Configuration > General > Web > Url Options > Auto-redirect to Base URL. If there is 302 or 301, change the option value to NO.
How to set https URLs in Magento?
You need to change base URLs settings in the admin area (see the screenshot).
Open System > Configuration > General> Web> Unsecure/Secure.
In the section Unsecure set Base URL with https. Point the same in the section Secure at Base URL. Make sure that there is YES in the option Use Secure URLs in Frontend and Use Secure URLs in Admin.
How to set https URLs in Magento 2?
The settings are the same as for Magento 1. Open Stores > Configuration > General > Web> Base URLs/Base URLs Secure
In the section Base URLs set Base URL with https. Point the same in the section Base URLs (Secure) at Base URL. Make sure that there is YES in the option Use Secure URLs in Storefront and Use Secure URLs in Admin.
Check your Magento store for Mixed Content errors when the settings are done. It can be found via using different SEO tools like Screaming Frog or Semrush. Such tools will show what elements in HTML have http in its links.
When you’ve got a list of elements, you have to find these URLs in the templates or the database and change them to required ones.
