PrestaShop is a popular, open-source e-commerce platform empowering small, medium, and large online stores. By being open-source, PrestaShop benefits from superior security, transparency, and adaptability over closed-source software. In today’s online environment, we highly recommend you learn how to enable HTTPS in PrestaShop.
If your website runs on PrestaShop, you’re ahead of the game. The platform has proven over the years to be a robust and reliable solution to all e-commerce needs.
However, to make your online store even more secure, but most importantly compliant with e-commerce regulations, you should get an SSL Certificate for your website. Don’t have one yet? SSL Dragon is your one-stop place for SSL value deals and discounts.
After you buy and install the SSL Certificate on your server, your next step is to enable HTTPS.
How to Force HTTPS in PrestaShop
Fortunately, PrestaShop has a built-in SSL activation in its intuitive web interface. All you have to do is:
Step 1: Log into the PrestaShop admin dashboard
Step 2: Browse Preferences > General
Step 3: Check if your shop supports HTTPS
Click on the “Please click here to check if your shop supports HTTPS” link. It’s located on top of the “General” page, next to the “Enable SSL” option.
You need to perform this action to make sure your SSL installation works properly. When everything is fine, the “Enable” field displays YES and NO options. You receive a warning message if something is wrong with your SSL configuration.
Step 4: Enable HTTPS in PrestaShop
Assuming all is well, simply select the “Enable SSL on all pages” option and complete the HTTPS redirect in PrestaShop.
Step 5: Save the changes and refresh the page
Now your entire website should be served over HTTPS.
Fine-Tune PrestaShop HTTPS Redirection
Unfortunately, this action alone is usually insufficient to redirect HTTP to HTTPS in PrestaShop. You still may face annoying errors like Error 500, 404 not found, or 102. The good news is you can remove the majority of errors by yourself, and only in some cases, you’ll have to contact your hosting provider.
Here’s what you can do on your own:
Create 301 redirects
As the name implies, this command will redirect users, in our case to SSL-enabled connections. 301 redirects permanently change the web address of the page from an old URL to a new one. In PrestaShop, the easiest way to achieve this is via a paid redirect module available on the PrestaShop marketplace.
Alternatively, you can do it for free, by creating 301 redirects manually in the .htacces file. Different server platforms use different codes to accomplish this. Contact your hosting provider and ask them for the appropriate code.
Avoid mixing secure and insecure content on a web page
Even if just one of your media files continues to be served over HTTP, browsers will display a warning message about insecure content. Here’s an example of an HTML snippet that can activate the SSL warning:
<a href=”http://www.yoursite.com/images/photo.jpg”>View my pic</a>
As you can see, the hyperlink references a non-secure HTTP resource (photo.jpg file). To resolve this issue, you can simply use relative links. For instance, you could rewrite the unsecured HTML snippet as follows:
<a href=”/images/photo.jpg”>View My Pic</a>
An even simpler solution is to modify all your hyperlinks to use HTTPS instead of HTTP.
Scan your entire code
Make sure to check and change all your links. Your theme and plugin’s source code may still contain old HTTP elements. Replace them as soon as possible.
Let Google know that you’ve redirected PrestaShop from HTTP to HTTPS
Add the HTTPS URLs to your XML sitemap and submit it to the Google Search Console. Use Robots.txt file to control which pages Google will crawl and index.
From here onward, it is important to monitor the changes you’ve made, and keep your PrestaShop platform, website’s theme, and modules up to date with the latest release versions.
Now that you know how to enable HTTPS in PrestaShop, your existing and future online projects will always remain secure.