SSL

There was something that I planned already for a long time to do, move the weblog from http to HTTPS/SSL.

HyperText Transfer Protocol, that is where HTTP stand for and it is the protocol that is used by a browser (Firefox, Chrome, Internet Explorer/Edge) to communicate with a web server. So basically this makes it possible to see the websites on your computer or any other device alike (lets not get too technically).
Already for some time there has been an adaptation of the HTTP protocol to make it more secure: HTTPS, which stands for HyperText Transfer Protocal Secure (well, that you didn’t see coming, right? *SMILE* ).
So what makes HTTPS more secure as HTTP? Well, the communication between the browser and the web server is now encrypted. The encryption of the communication between a browser and a web server protects against eavesdropping and tampering of the communication that is happening. There is a lot of technical information and discussions on HTTPS, but I think we should not go here into that here the weblog.

http https

So the whole idea behind this all was to make the weblog more safe for the people who read and write here.

I was afraid that this all would be a huge job. After all, every internal link must be changed from “http: //www.dimrost.nl” to “https://www.dimrost.nl”. This includes every link to a photo or picture stored on the same server as the weblog, every link to a page or post. We are talking about 18080 fields over 50 database tables that needed to be updated.

I reserved quite some time to do this all.

Some days ago I requested a SSL certificate and installed it. Yesterday I started with the real work with the idea to finish it off today.
I changed to configuration of WordPress so it would used the https-address, I forced that WordPress would use https by default and that it would handled redirects correctly.

I started to create SQL update queries to update all the http-addresses to https, when I read on the website Webtalis about a WordPress plugin to do this all for me. And it worked wonderful.

Yesterday evening within 30 minutes I migrated our weblog from http to https. I should have done this already ages ago!

https safe

I have checked many post/pages manually, but all pages show the green lock as in the picture above, which means the pages is secure and communication to the web server is encrypted. I also ran some automated test tools and those also showed all is fine.

https unsafe

In case the post/page is not secure, a yellow warning sign will be shown, as can be seen in the picture right above here (I changed for the example picture a https-link back to http… which I should not forget to set back to https again *grin*).
If you ever see such a yellow warning sign here on our weblog, please let me know. Then there is something wrong on that page which should be changed. Please mail the address of the post or page to me (you can use the “Contact us” link at top of the page).

Gives a good feeling that it all went so good and fast :-).

Edit: It turned out there was a problem afterwards, it was not possible to write comments to articles anymore (thank you for spotting it so fast Marissa). It turned out a plug in was causing the problem. It was not a very important plug in (it was displaying the “recent posts”-overview in a nicer way), so I deactivated and removed it.
But also it turned out that the GEO plug in was not working anymore. Not critical, just not nice. I am looking into it.

Rob

 

(Source http vs https diagram: Wikipedia)


No comments to this article yet. Press "Continue Reading" to add a comment.