Despite most not seeing many changes after migrating from HTTP to HTTPS for the Google HTTPS ranking boost, still webmasters want to do it.
If you are going to do it, you need to do it right. So here is a check list based on WebmasterWorld forums, the original Google blog post and my experience migrating over a few sites.
- Get the valid security certificate
- Install it using SHA-2 and make sure it is configured properly
- Do the HTTP migration on a test server to test first
- Set up HTTP to HTTPS 301 redirects and test
- Update all external plugins to ensure they are HTTPS compliant (commenting, widgets, twitter, facebook, youtube, all those embeds - trust me you won't find them all)
- Update all your ad code to support HTTPS
- Ensure your analytics will work on the new HTTPS URLs
- Update social sharing counts (use code that counts both HTTP and HTTPS counts or uses one or the other based on a cut over date)
- Update your internal site search to support HTTPS and discover new URLs sooner
- Submit new HTTPS XML sitemaps
- Review the Google site move article
- Verify the new HTTPS site with Google Webmaster Tools and track indexation, crawling, search queries, etc.
- Test your site using the Qualys Lab tool
- Read every article I wrote about it over here to know what to expect
I am pretty sure that covers 95% of it. If I left something add, use the comments below.
I did ask Google to build a report in Google Webmaster Tools for HTTPS content mismatch errors to help webmasters.
Forum discussion at WebmasterWorld.
This post was pre-written and scheduled to be posted today. FYI, I am offline today, so if Google does a Penguin update - I won't get to it until Monday.
