Switch Entire Magento Store Over to HTTPS

Since Google made the announcement that serving your website’s web pages over a secure protocol (HTTPS) will become a ranking factor back in August 2014 , many brands have made the necessary changes to serve their entire website over HTTPS (as opposed to just pages that contain potentially sensitive data like checkout, login and account URL’s).

We still don’t consider this critical as how it weighs up as a ranking factor is still relatively minor but over the next few years, it is probably fair to say that we can expect this to be strengthened as a ranking factor but let’s face it, there is certainly no harm in serving all pages of your website to your customers securely.

If you’re running a Magento store, follow the below steps to switch over to an all-HTTPS Magento store.

First up, we need to configure Magento to run all the time on HTTPS so navigate to the following location in your Magento back office:-

System > Configuration > GENERAL > Web

Open up the ‘Unsecure’ and ‘Secure’ tabs from the accordion and modify the ‘Base URL’ in each to include the HTTPS protocol like the below:-

Setting Secure Base URL's in MagentoSetting Secure Base URL's in Magento

With these now in place, every page on the frontend of your Magento store should be loading on HTTPS.

Next though, you’ll need to ensure that anyone accessing your web pages on the old HTTP URL’s get redirected to the HTTPS counterparts by inserting this in your Magento root .htaccess:-

Ensure the above is inserted somewhere shortly after RewriteBase /

As with most things Magento, there will of course, be a number of ways of implementing the necessary to serve your entire Magento store over HTTPS. You may also find that the above rewrite rules in the .htaccess file conflict with existing rules.

If you run into any difficulty or want to share your thoughts or experience, please leave us a comment below. You can learn more about website SSL and what to expect with this recent algorithm change over at Search Metrics’ HTTPS as a ranking factor – how to handle it.

Geoff Jackson

Geoff Jackson (more commonly known by his online pseudonym zigojacko) is the founder of Design Haven and The Clubnet Group which hosts numerous agencies including the most widely recognised of them, Clubnet Digital, a full service digital marketing and creative design/development agency. He also has a personal blog but it doesn't get updated as much as he'd like.

Sponsored Links...

Subscribe to Design Haven UK

Enter your email address to subscribe and receive our new posts by email.

2 Responses

  1. Yechiel says:

    Great. for me i also add  RewriteRule ^/?$ “https\:\/\/www\.adcs\.co\.il\/he/” [R=301,L]

    because i need /he default.

    but in this rule it make to much redirection.

    any idea?


Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: