Development
Web Development
HTTP
HTTP to HTTPS - Secure your Website with SSL for Free
4.6 (349 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
3,222 students enrolled

HTTP to HTTPS - Secure your Website with SSL for Free

Fix connection "Not Secure" warning in Google Chrome. A complete guide to installing a free SSL certificate.
Highest Rated
4.6 (349 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
3,222 students enrolled
Created by Andrew Williams
Last updated 10/2019
English
English [Auto]
Preview this course
HTTP to HTTPS - Secure your Website with SSL for Free
Current price: $65.99 Original price: $94.99 Discount: 31% off
5 hours left at this price!
Buy now
30-Day Money-Back Guarantee
This course includes
  • 2.5 hours on-demand video
  • 5 articles
  • 6 downloadable resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • Understand why SSL is important.
  • Understand how SSL works.
  • Migrate an HTTP Wordpress website to HTTPS
  • Use AutoSSL if it is enabled on the host.
  • Setup redirects so Google will know the site has moved, and visitors will automatically be redirected to the secure HTTPS webpage.
  • Secure the Wordpress dashboard, so those that login always have a secure connection.
  • Check that SSL is working on all pages on a website.
  • Find and fix mixed content.
Course content
Expand all 37 lectures 02:22:28
+ Introduction
8 lectures 29:41

In this video, I'll introduce myself, and what you can expect from this course.

Introductions
Preview 06:38

SSL, TLS, confused?  This lecture explains what SSL is, and why you should implement it on your site.

What is SSL and Why Switch?
Preview 05:32

Since version 58 of cPanel, AutoSSL has been available to web developers. This lecture shows you how to check if your cPanel is up-to-date.

cPanel & AutoSSL
01:53

This lecture explains a little bit more about how SSL works.

How HTTPS Works
Preview 03:46

If your web host has AutoSSL enabled, you may already have an HTTPS version of your site available to you.  This video looks at how you can check.

Check if HTTPS is Already Enabled
06:25

So, with AutoSSL enabled, my sites now have both HTTP and HTTPS versions.  This is not a great idea and I'll explain why in this lecture

HTTP or HTTPS, Not Both
03:02

This lecture quickly goes through the type of web host you need for this course..

Which Web Host?
Preview 02:05

Taking backups of your Wordpress website is something we all should be doing on a regular basis.  That is especially true before any major work is done on a site.

Before you Begin: Backup your Site
00:20
+ CloudFlare Account
8 lectures 29:45

I am going to ask you to install Cloudflare on your site, so this video explains why.  I've been using it for years as a CDN to speed up my web page load times, and lower site downtime, but there are other great reasons to use this free tool.

Why CloudFlare?
06:19

This lecture will show you a simple view of how Cloudflare works as a proxy.

How CloudFlare Works
03:02

Let's create a Cloudflare account so we can start benefiting from this free tool.

Create a CloudFlare Account
01:38

In this tutorial, we'll add a website that we are going to want to convert to HTTPS.

Add your Site
04:01

Some web hosts work closely with CloudFlare.  If yours does, then you can access some of Cloudflare's features from within your cPanel.  All you need to do is connect your Cloudflare account with your cPanel.  We'll do that in this lecture.

Special Case: When Hosting Includes CloudFlare
01:39

To take full advantage of Cloudflare, you need to change the DNS at your registrar so that your site is now served directly from Cloudflare (which communicates with your web host).

Change DNS at Registrar
03:23

We've talked about certificates in this course, and edge certificates in the last lecture. Let me explain what these are and what they are for.

Types of SSL in Cloudflare
04:22

This tutorial should consolidate your understanding of SSL certificates and how they exert levels of security on a website.

Example Showing SSL Certificates
05:21
+ Setting up the Origin Certificate?
5 lectures 16:03

For full SSL (strict), you need a certificate on your server.  This lecture will show you how you can setup a free certificate using Cloudflare.

Choose Which Origin Certificate You Want
03:37

For those that have AutoSSL configured on their server, but want to remove AutoSSL, this lecture shows you how to exclude your domain from AutoSSL.

Exclude your Domain from AutoSLL
02:43

If you have a certificate installed on your server that you want to remove, e.g. the one created by AutoSSL, then this lecture shows how to remove those certificates, so we can generate our own Origin certificate in Cloudflare.

Uninstall cPanel Generated Certificates
02:13

Let's create a free origin certificate for our website using Cloudflare.

Generate an Origin Certificate
01:07

Let's install the origin certificate on our web server.

Installing the Origin Certificate
06:23
+ HTTP to HTTPS
13 lectures 40:53

When we log into the Wordpress Dashboard, we want the connection to be secure, so this lecture shows you how to force the secure HTTPS connection.

Secure the Dashboard
04:22

We want to get rid of the old insecure http version of every page on the site. This lecture will take you through the steps.

Redirect HTTP to HTTPS
05:19

If the dashboard does lock you out of a secure login, then this lecture explains how to reinstate the insecure login until you can find the issue.

If the Dashboard Locks You Out?
05:06

Just a quick video of the WP Fastest Cache Issue.

Wp Fastest Cache Problem
01:14

With the website conversion largely done, we need to check the site for SSL issues.  We will use a few different sites to check for issues, but the most important of these spiders your site to check all pages for SSL.

Check Your SSL
03:29

Mixed content causes problems by making otherwise secure pages, insecure.  It is important to find and fix this mixed content, and fortunately it's quite easy.  This lecture shows how to find and fix mixed content.

What is Mixed Content and How do We Fix It?
05:46

This lecture shows a real example of finding and fixing mixed content on a website.  I have attached a text file resource to this lecture that includes the URLs of the free tools I use in the video.

Example - Finding & Fixing Mixed Content
05:36

Sometimes it's "impossible" to fix the mixed content.  For example, it may come from a plugin that has not been updated, so the resources used by that plugin are insecure.  I had this issue on one of my sites with a plugin that I wanted to keep, simply because there was no viable alternative.  This is where a plugin can help.

Fixing the "Unfixable" Mixed Content
04:24

Do you have a robots.txt file?  

If you Use a Robots.txt File
00:11

Have you disavowed links to your site?

If You've Used the Disavow Tool
00:09

Don't forget to check any links you may have hard coded in your site.

Hard-coded links?
00:53

If you use Google Analytics, you might want to go in and change properties to the HTTPS prefix, but it is not essential.

If you are Using Google Analytics
00:38

If you use Google Search Console, you need to go in and add the HTTPS version of your site.  Google sees the HTTP and HTTPS versions as separate sites.  By adding it to search console, you'll be making sure Google knows about your "move".

If you are using Google Search Console
03:45
+ A Complete Run-Through
3 lectures 26:04

This lecture shows a complete run-through of the entire process, from adding the site to Cloudflare, to installing certificates and creating redirects.

Fishy Fats Website
15:41

If you decide to use AutoSSL, you may find that you get emails suggesting a problem with certificate renewal.  I get this on some domains constantly.  Although it usually does finally auto-update, it can be a stressful time.  This lecture shows you how easy it is to "upgrade" to a different certificate.

"Upgrade" from AutoSSL
09:22

This lecture is a list of all resources mentioned in this course.

BONUS Lecture :: Resources
01:01
Requirements
  • You should have, or intend to have a Wordpress website hosted on a web host using cPanel. Most hosting platforms do use cPanel..
  • You need access to your cPanel and Wordpress dashboard.
  • Your web host should support server name indication (SNI) for Full (Strict) SSL. Ask them if in doubt, but most good hosts will. Without SNI, you can still implement the Flexible SSL described in this course and get the https lock.
Description

Does your website show the connection as "Not Secure" in Google Chrome or other web browsers?   

Every day in the news we hear about new online hacking scandals.   People are aware of the need for increased security when going online, and maybe even shopping online. Trust is everything.  If you run a website, then you need to act now.  

Visitors to your website need to know they can trust you and your website.  

Visitors can easily check by looking up at the address bar of their browser.  If a web page is secure, they will see the comforting Padlock icon.  Google Chrome goes one step further and adds the word "Secure"  next to the padlock, just to reinforce the fact.  

If a web page is not secure, there is no padlock, and Google Chrome may even state "Not Secure".  

How would that kill the trust your visitors have for your site?

The industry standard for establishing a secure and encrypted link to a website is called SSL (Secure Sockets Layer).  This encryption ensures that all data moving between a web browser and a website server is private.  You can tell if a website uses a secure connection because the URL begins with HTTPS://.  The "s" in that prefix stands for secure, so https is the secure version of http.

To create this type of security, you need to have at least one certificate.  These are issued by certificate authorities, and used to cost a lot of money.  In fact, some still do.  However, in this course, I will show you where you can get a free certificate and how to install it so that your site is secure. In the process, we will also add our site to Cloudflare, a content delivery network that speeds up and helps protect your website from hackers and spammers.

In this course you will learn:

  1. What SSL is and why it is important for a website to have that https prefix.

  2. That Google actually count SSL on a site as a ranking factor.

  3. How HTTPS works and how to set it up on your website.

  4. That some web hosts may have already set up an https version of your site using something called AutoSSL.

  5. How to check if your site already has a secure version.

  6. Why sites can have both http AND https versions, and why this is a bad idea.

  7. What to look for in a web host to make the transition to https simple and pain-free.

  8. What CloudFlare is and why you should be using it.

  9. How to setup a free account on Cloudflare and then add your site to Cloudflare.

  10. How to change the DNS at your registrar.

  11. About the various types of SSL offered by Cloudflare.

  12. About origin certificates.

  13. How to exclude your site from AutoSSL and stop your cPanel from auto-generating certificates for you.  You'll see an example of why this can be a good idea.

  14. How to create a free origin certificate at Cloudflare and how to install it on your server.

  15. How to secure your Wordpress dashboard.

  16. How to get back into your dashboard if you accidentally get locked out in the process.

  17. How to set up redirects so that all of the old http web pages automatically redirect to the secure https version.  This type of redirect also alerts Google that the page has permanently moved to https.

  18. How to avoid a problem caused by a specific Wordpress caching plugin, and how to fix the problem if you still need to.

  19. How to check your SSL is working on all pages of your website.

  20. What mixed content is, how to find it, and how to fix it.

  21. That there are other places you may need to update links, including the robots.txt and hard-coded links you may have inserted in the past.

  22. How to update Google Analytics if you use it.

  23. How to update things in Google Search Console (Webmaster Tools) if you use this service.

The course was created to be hands on, so I show you every step of the process using one of my own sites as an example.  You can follow along as we go if you like.  At the end of the course I have included a second conversion, from start to finish in a single video.  This video has a text file you can download with all the steps, making this video and resource the ideal companion for you as you convert your own website. 


Who this course is for:
  • Wordpress website owners that want to move their HTTP site to the secure HTTPS
  • Anyone interested in learning more about SSL and why HTTPS is important going forward.