Sydeny PC & Technology User Group

Web Design User Group

We Meet the third Saturday of each month
 at the Sydney Mechanics Institute 240 Pitt St Sydney from 2 pm

What we did

January 2019 : HTTPS

Welcome to Web Design 2019. In our first meeting for the year John showed the group how to make a site secure. These days most search engines require sites to be secured with HTTPS. Google has announced that any non-secure site will be ranked below those sites that have HTTPS.

Here's what John had to say.

See why encrypted communication is vital to HTTPS (6:39 min video)

Make your website HTTPS compliant with cPanel

There are three parts to this process:

1. Obtain and/or activate a current SSL Certificate

2. Re-address all your site’s pages and links from “http” to “https”

3. In your site’s .htaccess file, add a redirect from “http” to “https”


Firstly, clarify if your site has a Valid SSL Server Certificate

Note how many days to expiry (You may want to renew soon)

Ignore any Validations issued before 2017 within Certificate Chain

If your site doesn’t have a Valid Certificate, you have two options

1) Use the paid service (from $60/yr) provided by your web-host

2) Do it yourself for free, but be aware this is not a trivial task and generally has to be repeated about every 90 days, but this may be automated with some web-hosts.

Now Check here to see if your site has a Valid SSL Server Certificate

View this 7:18 min video on manually renewing your SSL Certificate

If using option: 2)   Make your website secure follow these steps:

Open you browser and log into cPanel in a new tab

Open another tab – go to:

On this page, insert the domain name of your website and click “Create Free SSL Certificate”

Click the middle “Manual Verification” button

Wait a few moments then scroll down to view the generated files

Click to download: File#1 and File#2

Go back to the cPanel tab and open File Manager (at top left)

Open the public_html folder then click + Folder and name it as “well-known” then click Create New Folder

In File Manager, click on the new “well-known” folder and make another folder (as above) with the name “acme-challenge”

Click to open this folder, press Upload and drag in the two previously downloaded files

Now scroll down and press Go Back to see if the two are showing

Next, go to the “SSL for free” tab

Click on “Download SSL Certificate” near bottom to download the Certificates in your browser

At this point you can create an account to receive expiry notifications

Scroll down to view the three Certificates as text

Go back to the cPanel tab and scroll down and click on the SSL/TLS icon under Security to open it

Note: If the “Install and Manage SSL for your site (HTTPS)” does not appear in your version of cPanel - click on “Certificates (CRT)” link

Add your site’s Domain name in the box

From your browser, copy the Certificate text and paste it in cPanels “Certificate (CRT)” box

Do the same for “Private Keys (KEY)” and “Certificate Signing Requests (CSR)” then press “Install Certificate”

When the installation is complete press OK

Now reload your web page to check if the green padlock appears

2. (Do once only)

IMPORTANT: Chrome browsers may show web-sites with “http” links as “Not Secure”

Re-address all your site’s pages and links from “http” to “https”

Open each page in your web editor and find (Ctrl+F) all references to http

Ignore those already showing https

Test if http links will open if an “s” is added. If so add it to that link

Upload the revised pages to your server

3. (Do once only)

Open .htaccess in your web editor or cPanel and after adding the date and your own domain name insert the following script:

# Redirect HTTP to HTTPS (inserted xx/xx/20xx)

RewriteEngine On

RewriteCond %{HTTP_HOST} [NC] RewriteCond %{SERVER_PORT} 80

RewriteRule ^(.*)$$1 [R,L]


Congratulations – your web-site should now be HTTPS compliant.


JohnL Jan 2019