HTTPS Everywhere!

Written by Jen on November 10, 2016

In 2014, Google announced that switching your website over to HTTPS was the way forward and can even help boost your search engine rankings, great right? Everyone wants their website to rank higher and switching over to HTTPS is easy enough.

But before you switch everything over, it is good to understand why and how, so we are going to break it down for you!

What is a HTTP and HTTPS?

HTTP stands for HyperText Transfer Protocol and is an application for transmitting and receiving information across the Internet.

HTTPS on the other hand stands for Secure HyperText Transfer Protocol and is basically a secure version of HTTP, using SSL (Secure Socket Layer) to transmit information from one point to the other. The SSL is an extra security layer that helps protect information. This is the main reasons why Google prefers HTTPS.

Configuring for Magento

At Big Eye Deers, we love Magento and we have had to change a lot of our client’s Magento websites over to HTTPS.

Switching a whole website to HTTPS in Magento is pretty easy if your server is configured right and you have a valid SSL Certificate. See below a simple step:

Go to: System -> Configuration -> Web

Change your Unsecure Base URL to https

Go to Secure Tab and then set both Use Secure URLs in Frontend and Use Secure URLs in Admin to Yes

Seems simple right? But of course, nothing is ever that simple! While changing a website to HTTPS is easy, you need to consider other elements as well.


When you configure your website to HTTPS and you have a SSL, it should automatically redirect the HTTP to HTTPS, however in some cases there may be an issue where the HTTP redirects to the Homepage instead.

Follow the steps below to stop this:

Go to System -> Configuration -> Web section

Set Auto-redirect to Base URL to No

Does your SSL include WWW?

One issue with some certificates is that you can only purchase them with or without the www. bit of the URL. This can be an issue as you will need to set your Magento URLs to the URL matching the certificate

You can always find a SSL certificate that allows both www and without, or if you have already bought one that only takes one, then you can insert a redirect rule to direct any wrong URLs to the right one.

Non-Secure Content

Images, CSS and javascript can be an issue when switching as they are normally hardcoded, and can cause your browser to issue a unsecure page warning. You will need to review coding and update any content to load over HTTPS.

There are many tools that can spot any elements that are off, such as Chrome’s Developer Tools and Firefox Firebug.


If you do have any questions for us about your current site or an upcoming project, feel free to get in touch and we would be more than happy to help out! Head to our contact page for the details to get in touch with the team in either our Cardiff or Cornwall offices!