I recently learned from someone that google search ranking is diminished if a site is not https. My site hosting nopcommerce is https. But one can go an http version of the site. If you just put www.[my site].com the server will respond with the non-https version and the browser will say the site is not secure. However users can get the https version by explicitly typing https://www.[my site].com.
What I want to happen is that when a user types www.[mysite].com they will get https://www.[mysite].com.
I asked my ISP host what to do and they suggested I use a redirect.
Is this the best solution and is it the recommended practice?
How do I do that?
Thank you and I apologize if this has been asked and answered. I searched to forum for https but couldn't find the answer.
This is the best practice. But there is also a way to enable that from admin.
What version are you using ?
In v4.2 there is a setting securitysettings.forcesslforallpages which you can set to True
In v4.3 this should happen automatically
The tech support from my ISP says that to get my site to always be in HTTPS that I have to have the site itself redirect to https:
"You will need to engage your web developer / programmer to set HTTP to HTTPS redirection. Hence, if someone browse site without HTTP then also it will redirect to HTTPS page."
But maybe there's something that they can do that he doesn't know about? I'm not sure what to do: try to code it or press the ISP to try and get it to work.
Is anyone in community NOT having to do custom coding to redirect to https?
fyi, I had tried the example posted here:
dont use it! It broke my nopcommerce site. My ISP has to restore it from a backup.