What is HTTPS And How To Setup For PrestaShop
There are three big reasons why you should care about having SSL protected site (also known as HTTPS security):
- Without HTTPS/SSL, browsers will show a security warning about possibly insecure store
- End-to-end encryption is a requirement for user and store data privacy
- Google has been punishing sites for years for not having an HTTPS security layer
Fortunately, fixing SSL for your PrestaShop is easy and must be done in absolutely every store.
What is HTTPS or SSL in PrestaShop
When you open your store in your browser, you should see a security badge near the URL. It is displayed in every browser.
Here is how it looks like when a store is protected with HTTPS encryption:
Here is how it looks when encryption is not enabled:
Why PrestaShop Needs HTTPS
PrestaShop is an ecommerce platform. Every ecommerce platform deals with private user information: purchases, browsing history, and checkout information where a user fills his confidential information starting from his name and ending with shipping address or credit card information.
This data is easily exposed to the network (thanks to the insecure store) if it is not protected with HTTPS.
HTTPS encrypts communication between your store and your client. Therefore, nobody, except mentioned user, can see personal details.
Does HTTPS In PrestaShop Improves SEO Score
HTTPS is nothing to do with SEO so that it won’t increase your rankings. But it can lower them as Google punishing sites for years:
- Google Chrome browser shows the user a badge about possibly insecure site
- Sometimes insecure badge appears near-site URL
These two issues prevent excellent user experience, making users less likely to click or browser your store.
User experience is the key element which increases or decreases search result ranking.
How To Enable HTTPS In PrestaShop
HTTPS certificate is given only by a hosting provider. Fortunately, almost all hosting providers will provide you with an HTTPS certificate for free. So the only work you have to do is go to your back office and force all pages to use HTTPS.
To check if a hosting provider enables HTTPS, just enter your store domain to the browser URL input bar with the
HTTPS:// prefix. Like
https://example.org. If the site opens correctly - your hosting supports HTTPS, and you can continue.
In the PrestaShop back office, click Shop Parameters → General. You will see input Enable SSL - set that one and hit Save.
If you can’t toggle these options, it means two things:
The hosting provider does not have HTTPS enabled (see your control panel to allow this option) Your store is behind a proxy. The only way to enable HTTPS is to do it from the database administration panel (like PHPMyAdmin).
Update two values in your MySQL database (through PHPMyAdmin) to force HTTPS usage on all pages. In the
ps_configuration table, find keys named
PS_SSL_ENABLED_EVERYWHERE and set values to
1. Then visit the back office for the HTTPS setup page, and you should see checkboxes enabled.
HTTPS is a great way to increase security for your store. Still, you can see our blog for more articles. There are many more PrestaShop customizations you can make.