Originally published at: https://www.emwd.com/using-the-force-ssl-feature/
In a recent cPanel update, our shared hosting servers received a new feature called: Force HTTPS Redirection. Due to the importance of using SSL in a modern hosting environment, we wanted to put a spotlight on this new feature so our clients would know about.
Using SSL Is a Must
The use of SSL connections to websites is now the de facto standard. All modern browsers will now warn site visitors immediately when they visit a website that is not SSL enabled. This warning will cause a loss of credibility for site owners and, according to Google, will also negatively impact your site rankings when it comes to SEO. The importance of having SSL for websites cannot be understated.
We recognized that and for 2 years now have been supplying free SSL certificates to all of our shared hosting clients. However, a lot of site owners with older websites are not able to automatically take advantage of this due to non-SSL urls hard coded into their website. So this poses a dilemma for site owners who have not had the time to keep their websites up to date. Well the Force HTTPS Redirection function helps such a person.
How Does it Work?
In the Domains section of cPanel click on the Domains icon. On the next page there will be an option to enable Force HTTPS Redirection from the insecure version (HTTP) to the secure version (HTTPS) with a toggle switch. Here are some screenshots to help you out:
All domains with valid SSL certificates can have redirection enabled. Aliases (historically called Parked Domains) will inherit their redirection status from their parent domain. No longer will you need to have a .htaccess redirect or plugin be required. Now our clients can toggle a simple switch to redirect visitors to the secured version of their website!
So Why Is This A Good Thing for Me?
Having a SSL enabled website provides a level of security and encryption protecting the transfer of your data across the internet. Using SSL on your website enables the padlock icon on the left side of the URL bar of your browser. This informs your site’s viewers that the site is secured and that data transferred back and forth between the end user and the site is encrypted. It also builds trust and credibility with your site visitors.
There are additional added benefits (aside from security) in having SSL enabled on your site provides.
If you’re a WordPress user (as many of our clients are), or are actively trying to increase your page’s rank in Google searches, Google announced that websites using HTTPS would get a slight ranking factor boost in searches using their engine. Additionally, the newer HTTP/2 protocol has proven to have faster performance than the standard HTTP but requires HTTPS due to browser support. We have HTTP/2 enabled by default on all of our shared hosting servers.
If you are tracking data in Google Analytics, a user who redirects from an HTTPS site to an HTTP site (by clicking links or redirects, etc.), it’s been shown that that referral data is lost. Traffic from HTTPS to HTTP usually ends up getting lumped together with “direct traffic.” HTTPS to HTTPS is counted as referral data. By using an SSL, Google Analytics will provide you with more accurate data.
Using the Force SSL Redirection feature can cause a bug to manifest on some older mailman lists when accessing the Member Management page. If you are unable to save changes via this mailman page then we recommend turning off this feature.
If you have any questions or need assistance with getting SSL enabled on your website, then please feel free to fill out a support ticket via your client area. We will be happy to assist!