homepage Welcome to WebmasterWorld Guest from 54.197.147.90
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Visit PubCon.com
Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque & physics

Webmaster General Forum

    
Converting a site from https to http
eljuan




msg:4054725
 8:18 pm on Jan 5, 2010 (gmt 0)

We are in the process of converting our site from https to http (with forms remaining secure). I was curious if anyone had some best practices for this process. Is there anything that we need to make sure we don't forget to do? I have already updated the site_map.xml files.

Any help appreciated.

Thanks!

 

phranque




msg:4073533
 2:59 pm on Feb 3, 2010 (gmt 0)

you can avoid a lot of problems by using a subdomain for the secure content.
create a set of rewriterules that will externally redirect requests for the old urls to the new urls.
make sure you canonicalize your urls so you are only serving secure content with the https: scheme and only non-secure content with the http: scheme.
be sure to use fully qualified urls or relative to the domain root for external files so they have the same protocol as the page.

[edited by: phranque at 2:16 pm (utc) on Feb. 4, 2010]

CosmicLee




msg:4073668
 6:10 pm on Feb 3, 2010 (gmt 0)

we also use relative links within the site, and not the full path, in the code. helps a lot.

rocknbil




msg:4073842
 9:29 pm on Feb 3, 2010 (gmt 0)

All of the below is rendered incorrect if you are using a single directory for secure content. Most developers don't.

There is often confusion about relative links. These are both relative:

../../../images/some-image.jpg
/images/some-image.jpg

The first is relative to the current directory, the second is relative to the domain root. If you always use the second, it doesn't matter how deep in your directory structure a page is, it will always find /images/some-image.jpg.

So this is the first step in dealing with HTTPS/non-HTTPS, set all your links, images, etc. relative to the domain root, and they will be fine. This also makes moving files to and from the SSL pages very easy, no special treatment required.

The second thing to take note of is external objects you wouldn't suspect. Two examples are to be sure to use the secure version of the Analytics urchin, and to take it off when moved to non secure areas (or, use the if/else code,) and if you have any Flash, the URL to the download plugin page needs to be the secure version for SSL, non secure for non SSL.

Last, you can always add this to secure scripts to nix old links or non-secure access:

if (! ($_SERVER['HTTPS']==on)) {
header("location:https://example.com/"this-script.php");
}

Invert that for non HTTPS pages.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved