Change WordPress to SSL

[fusion_builder_container hundred_percent = & #8220; no & #8220; equal_height_columns = #8220 NO #8220; menu_anchor = #8220; & #8220; hide_on_mobile = #8220; small-visibility, medium-visibility, large-visibility & #8220; class = & #8220; & #8220; id = & #8220; & #8220; background_color = #8220; & #8220; Background_Image = #8220; & #8220; background_position = & #8220; center center & #8220; background_repeat = #8220; no-repeat & #8220; fade = #8220 NO #8220; background_parallax = #8220; none & #8220; parallax_speed = #8220; 0.3 & #8243; video_mp4 = #8220; & #8220; video_webm = #8220; & #8220; video_ogv = #8220; & #8220; video_url = #8220; & #8220; video_aspect_ratio = #8220; 16: 9 & #8243; video_loop = #8220; yes & #8220; video_mute = #8220; yes & #8220; overlay_color = #8220; & #8220; video_preview_image = #8220; & #8220; border_size = #8220; & #8220; border_color = #8220; & #8220; border_style = #8220; solid & #8220; padding_top = #8220; & #8220; padding_bottom = #8220; & #8220; padding_left = #8220; & #8220; padding_right = & #8220; & #8220;] [fusion_builder_row] [fusion_builder_column type = & #8220; 1_1 & #8243; layout = & #8220; 1_1 & #8243; background_position = & #8220; left top & #8220; background_color = #8220; & #8220; border_size = #8220; & #8220; border_color = #8220; & #8220; border_style = #8220; solid & #8220; border_position = #8220; all & #8220; spacing = #8220; yes & #8220; Background_Image = #8220; & #8220; background_repeat = #8220; no-repeat & #8220; padding_top = #8220; & #8220; padding_right = #8220; & #8220; padding_bottom = #8220; & #8220; padding_left = #8220; & #8220; margin_top = #8220; 0px & #8220; margin_bottom = #8220; 0px & #8220; class = & #8220; & #8220; id = & #8220; & #8220; animation_type = #8220; & #8220; animation_speed = #8220; 0.3 & #8243; animation_direction = #8220; left & #8220; hide_on_mobile = #8220; small-visibility, medium-visibility, large-visibility & #8220; center_content = #8220 NO #8220; last = & #8220 NO #8220; min_height = #8220; & #8220; hover_type = #8220; none & #8220; link = & #8220; & #8220] [fusion_text]

An encrypted transfer of data between browser and web server provides additional security. Therefore, Google is increasingly emphasizing that websites are transmitted encrypted over SSL and weight this factor when ranking the search results. In addition: Web browsers point out more and more users when a website is not encrypted.

A conversion of your website to SSL is therefore highly recommended. At, every hosting package has access to Lets-Encrypt SSL, so the upgrade costs a penny extra and is relatively easy to accomplish.

Nevertheless, we point out that switching to SSL can be complicated in some cases.

To switch to SSL, just go to your webhosting management from and click on the Icin Lets-Encrypt SSL in the overview.

Search and Replace in the WordPress database

If you now call your blog, you will still get the message that the page is uncertain. Because the called page as such is already SSL-encrypted transmitted, but not some embedded components. This includes in particular pictures, but possibly also other elements such as Youtube videos. But this can also be, for example, HTML or Javascript code of banners. And elements included by plugins could be the cause of the problem. Even inflexible programmed themes could http: //References included.

Become elements on one encrypted page unencrypted loaded, this creates a so-called "mixed content". This makes the page by definition altogether uncertain - with appropriate warning message in the browser. Before we go into the root cause analysis, we first fix a problem caused by WordPress itself. With a little luck, your blog will be completely SSL-encrypted and will not throw any more error messages in the browser.

Unfortunately, WordPress stores the URLs of pictures, including the log portion of the URL, directly in your blog posts. You must therefore all http: // -References in the WordPress database in secure https: // -Convert references.

Anyone familiar with the procedure and SQL queries can, of course, do this directly with the database administration phpMyAdmin via the webhosting management area.

Alternatively, we recommend that you download your WordPress database and in a text editor with & #8222; Find and Replace & #8220; to change and then re-upload.

Search: & #8222; http: // & #8220; & #8211; Replace: & #8222; https: // & #8220;

The simplest, however, you do that with the WordPress Plugin Search & Replace of the plugin developer Inpsyde GmbH.

Search and replace

Attention: Before using the plugin, make sure to back up the WordPress database. The plugin offers under the tab Database Backup a separate function. Because one Back-There is no function for Find and Replace actions in the database. If something should go wrong, you could just iron it out without backup by searching and replacing again.

In the plugin you wear under the tab Search & Replace at Search for "Http://" and under Replace by "Https://" into the input field, whereby you use of course instead of "" your actual domain. If you work without "www.", You leave it accordingly.

Choose in the Select table-List the line wp_posts off so that it is blue or gray. Make sure the check mark is behind test run is active.

Now you click on the Search and replaceButton.

Find and replace 2

The plugin shows you how many substitutions it would make in real mode. By clicking on the Details-Link, you can check which substitutions are made exactly. Although you will understand these details only if you are a little familiar with HTML and WordPress. Nevertheless, you should take a quick look and in the columns Previously and later Check briefly if you have made a typo. Say: Will really http: // by https: // replaced, or do other things happen?

Find and replace 3

If everything seems okay, close the detail window again with a click on the small cross at the top right, take the checkmark test run out, select the option Write changes to the database and do it seriously by looking at the Search and replaceClick button.

Now all elements directly linked to your blog posts are on https: // converted and thus transmitted SSL encrypted.

Complementing WordPress adjustments

Even if everything seems to be okay, you should still adjust two things in WordPress:

  • Settings - General: change the WordPress address and website address of http: // on https: //
  • Then check if under Settings - Permalinks too https: // -URLs are available. If not: Click on the button Apply changeswithout first making any changes there.

SEO Relevant Steps

One last step is relevant from the point of view of search engine optimization. He informs Google reliably about the change to SSL. Because from Google's perspective, the http: // - and https: // -Variants namely two different websites and it should in the medium term only the new https: // -Variant to be detected by Google.

If you have the Google Webmaster Tools already used, there is already the entry for the http: // -Variant. Join now Add property Your blog also in the https: //Variant and leave the http: // -Variant exist. If you have not used the webmaster tools yet, just put the new "Property" with the https: // -URL to.

Note: Unlike in various tutorials on the web, you should use the webmaster tools for the old http: // -URL no change of address make. According to Google, this option is not useful and intended for switching to SSL. If your http: // -URLs on the https: // -URLs are redirected - as described and made in the settings above - Google recognizes the change automatically.

If you've previously submitted a sitemap on Google Webmaster Tools, make sure you include it with the new ones https: // -Submit URLs again. If you use a plugin for this, make sure that it takes the change into account accordingly.

If you have linked your blog, for example, in profiles on Facebook, Twitter, Instagram and Co., change the links there to the https: // -URL, so that these links reach your blog directly and do not run through the redirect.


If you continue to receive an SSL error message in the browser, then you will not be spared a detailed error analysis. Due to the multitude of possible causes, we can not discuss all eventualities here. But we show how to get to the bottom of the problem.

First of all, look through the options of your plugins and change the URLs you entered there as well https: //. Ad code, for example, in the plugin Adrotate or similar could still http: // -Contain URLs. Pay attention however with changes to the fact that these external URLs are actually also via SSL callable, otherwise the change helps too https: // Nothing.

If SSL error messages continue to occur, it is important to first identify the non-SSL-loaded items. The easiest way to do this is with the developer tools of the browser Google Chrome, in the menu under more Tools - Developer Tools, Click there on the tab Security, Chrome shows you in ConsoleWindows the problematic Mixed contentElements.

Troubleshooting requires self-initiative work as well as HTML or PHP skills. If a plugin or theme is identified as the culprit, you should first search for help in the associated support forum at WordPress. There you will quickly find out if there is a solution or if you need to change the theme or plugin.

As a temporary solution, you can create a theme for themes and make appropriate adjustments. You could copy plugins and build your own plugin with a modified code. This at least temporarily solves the SSL problem. In the long term, you will have to find a permanent alternative, but if you do not want to maintain and update the theme or plugin yourself or can.

Why is Mixed Content a problem?

The really annoying thing about an SSL switch is that the different web browsers behave very differently when they come across insecure websites. These are websites that are transmitted using SSL but contain insecure elements.

Some browsers only bring a subtle hint, others suggest a great danger to the user and also offer a way to report the website as dangerous. Even if the cause is only a single, not encrypted loaded image, from which no real danger emanates, the user gets the impression of great danger.

Therefore, it is important to pay close attention to the fact that the entire website is really transmitted SSL-encrypted. You should extensively test your website after the transition, so there really is no problem anywhere. Because of course there is no reader and certainly not a search engine funny, if instead of your contents pops up a fat, red alarm.

Finally, if you want to test again, if everything is alright, you'll get it SSL test of SSL Labs additional security and information.

[/ Fusion_text] [/ fusion_builder_column] [/ fusion_builder_row] [/ fusion_builder_container]

de_DEDeutsch en_USEnglish
Scroll to Top