Since Google made the announcement that serving your website’s web pages over a secure protocol (HTTPS) will become a ranking factor back in August 2014 , many brands have made the necessary changes to serve their entire website over HTTPS (as opposed to just pages that contain potentially sensitive data like checkout, login and account URL’s).

We still don’t consider this critical as how it weighs up as a ranking factor is still relatively minor but over the next few years, it is probably fair to say that we can expect this to be strengthened as a ranking factor but let’s face it, there is certainly no harm in serving all pages of your website to your customers securely.

If you’re running a Magento store, follow the below steps to switch over to an all-HTTPS Magento store.

First up, we need to configure Magento to run all the time on HTTPS so navigate to the following location in your Magento back office:-

System > Configuration > GENERAL > Web

Open up the ‘Unsecure’ and ‘Secure’ tabs from the accordion and modify the ‘Base URL’ in each to include the HTTPS protocol like the below:-

With these now in place, every page on the frontend of your Magento store should be loading on HTTPS.

Next though, you’ll need to ensure that anyone accessing your web pages on the old HTTP URL’s get redirected to the HTTPS counterparts by inserting this in your Magento root .htaccess:-

Ensure the above is inserted somewhere shortly after RewriteBase /

As with most things Magento, there will of course, be a number of ways of implementing the necessary to serve your entire Magento store over HTTPS. You may also find that the above rewrite rules in the .htaccess file conflict with existing rules.

If you run into any difficulty or want to share your thoughts or experience, please leave us a comment below. You can learn more about website SSL and what to expect with this recent algorithm change over at Search Metrics’ HTTPS as a ranking factor – how to handle it.