What is HTTPS And How To Setup For PrestaShop

With HTTPS/SSL, users are assured that their data will be secure. This is a requirement for privacy and security online today.

There are three big reasons why you should care about having SSL protected site (also known as HTTPS security):

1. Without HTTPS/SSL, browsers will show a security warning about possibly insecure store.

2. End-to-end encryption is a requirement for user and store data privacy.

3. Google has been punishing sites for years for not having an HTTPS security layer.

Fortunately, fixing SSL for your PrestaShop is easy and can be done in absolutely any store. Let us take a look at the following:

What is HTTPS or SSL in PrestaShop

When you open your store in your browser, you should see a security badge near the URL. It is displayed in every browser.

Here is how it looks like when a store is protected with HTTPS encryption:

Badge when store is protected with HTTPS
Badge when store is protected with HTTPS

Here is how it looks when encryption is not enabled:

Badge when store is not protected
Badge when store is not protected

Why PrestaShop Needs HTTPS

PrestaShop is an ecommerce platform. Every ecommerce platform deals with private user information: purchases, browsing history, and checkout information where a user fills his confidential information starting from his name and ending with shipping address or credit card information.

This data is easily exposed to the network (thanks to the insecure store) if it is not protected with HTTPS.

HTTPS encrypts communication between your store and your client. Therefore, nobody, except the mentioned user, can see personal details.

Nice visual of how HTTPS works
Nice visual of how HTTPS works

Does HTTPS In PrestaShop Improves SEO Score

HTTPS has nothing to do with SEO. It won’t increase your rankings. But it can lower your rank as Google punishes sites without security.

1. Google Chrome browser shows the user a badge about possibly insecure site

2. Sometimes insecure badge appears near-site URL

These two issues prevent excellent user experience, making users less likely to click or browser your store.

User experience is the key element which increases or decreases search result ranking.

How To Enable HTTPS In PrestaShop

HTTPS certificate is given only by a hosting provider. Fortunately, almost all hosting providers will provide you with an HTTPS certificate for free. So the only work you have to do is go to your back office and force all pages to use HTTPS.

To check if a hosting provider enables HTTPS, just enter your store domain to the browser URL input bar with the HTTPS:// prefix. Like https://example.org. If the site opens correctly – your hosting supports HTTPS, and you can continue.

In the PrestaShop back office, click Shop Parameters → General. You will see input Enable SSL – set that one and hit Save.

PrestaShop back office HTTPS toggle
PrestaShop back office HTTPS toggle

There are two possible reasons if you can’t toggle these options:

  1. The hosting provider does not have HTTPS enabled (see your control panel to allow this option) Your store is behind a proxy. The only way to enable HTTPS is to do it from the database administration panel (like PHPMyAdmin).
  2. Update two values in your MySQL database (through PHPMyAdmin) to force HTTPS usage on all pages. In the ps_configuration table, find keys named PS_SSL_ENABLED and PS_SSL_ENABLED_EVERYWHERE and set values to 1. Then visit the back office for the HTTPS setup page, and you should see checkboxes enabled.

Conclusion

HTTPS is a great way to increase security for your store. Still, you can see our blog for more articles. There are many more PrestaShop customizations you can make.