getButterfly Logo getButterfly code wrangling since 2005

I have finally bitten the bullet and added SSL security to The reason is that I’ve been fiddling with a small marketplace and having a secure payment page is better than not having one. Obviously.

With the recent developments in Google adding SSL as a ranking signal and the battle of free SSL certificates, having an HTTPS secured website is a must. A given. I owed my users better security.

Installing the SSL certificate took about an hour and the next day the site was already indexed by Google.

These are the steps I’ve taken:

  1. Purchased an SSL certificate.
  2. Installed the SSL certificate and tested it.
  3. Added HSTS security header.
  4. Submitted site to HSTS list.

I am using WordPress so some changes were required in order for the site to fully translate to HTTPS:

I have added the following lines to my .htaccess file:

#<IfModule mod_rewrite.c>
#RewriteEngine On
#RewriteCond %{SERVER_PORT} 80
#RewriteRule ^(.*)$$1 [R,L]

# Force HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

I have changed both URLs in Settings -> General, removed Cloudflare and restarted the server. With a valid SSL certificate there is no need for extra HTTPS plugins or redirections.

Now I can safely open the marketplace to the world!

Subscribe to getButterfly Blog

Once a week or so we send an email with our best content. We never bug you, we just send you our latest piece of content.

If you found any value in this post, agree, disagree, or have anything to add - please do. I use comments as my #1 signal for what to write about. Read our comment policy before commenting! Comments such as "Thank you!", "Awesome!", "You're the man!" are either marked as spam or stripped from URL.

Leave a reply

Love programming?

Learn about the most amazing things. Get smarter everyday!