Operating Joomla! with SSL in a 1&1 Package

This post is a guest-post by our Joomla! expert Viktor Vogel

Joomla! Content Management System (CMS) allows you to have your successful and flexible website on the net within a short time. The software is open source and can be used completely free of charge.  Joomla! is ideal for managing dynamic content such as texts on websites or content in enterprise applications. The advantage of such a CMS is that content can be updated in the administration area independently of the layout or formatting.

Tip: With 1&1 Click&Build, you can install and use a Joomla! instance fully automatically within a few minutes!

HTTPS is an Important Ranking Factor for Search Engines

With Joomla! version 3, an important step was taken towards the mobile use. In technical language, the term “responsive web design” is used. This approach will be evaluated by the Google search engine in the future as an important ranking factor. An already existing evaluation factor is the encrypted transfer of data from server to client. For the encryption, the HTTPS (Hypertext Transfer Protocol Secure) communication protocol is used. The protocol encrypts data using the TLS (Transport Layer Security, formerly SSL – Secure Sockets Layer) encryption protocol. Unlike the normal transfer over HTTP, intercepted data cannot be read in plain text, which greatly increases security. The delivery of data over HTTPS requires a valid, properly implemented SSL certificate on the server. By activating an SSL certificate, you can greatly increase the security and relevance in search engines.

1&1 SSL Certificates – Quick, Secure and Trustful

1&1 SSL Certificates are provided by the GeoTrust® certification authority and offer up to 256-bit encryption strength and a 2048-bit root certificate for your domain. An SSL certificate is already included in many 1&1 packages. You can check in your 1&1 Control Panel, in the My Data > Package Information section, whether an SSL certificate is already included in your package. If you have no SSL certificate activated in your package, then you can book it at Package Information > Included Features > Web Hosting. Prerequisite for this is that your package generally supports the integration of SSL certification.

In a 1&1 managed package, the certificate is automatically installed and made available. If you have a server with root rights, then you must install the certificate yourself. More information about SSL at 1&1 can be found here: SSL and Other Services

Once the certificate has been confirmed and set up, you can access your website using the HTTPS protocol. In addition, you must type for your domain https:// instead of http:// in the address bar of your browser, e.g. https://1und1.de. If the certificate is correctly implemented, then a small lock symbol will appear in front of the URL and the content of the called page will be loaded correctly. By clicking the symbol, you can get more information about the certificate.

Joomla! and SSL

Joomla! works without problems over HTTPS, even without changes to the settings. However, there is an important option to force the delivery of content over HTTPS. Thus, requests over the normal HTTP protocol will be halted and redirected over HTTPS. You should use this option to ensure the encrypted transfer of the HTML pages. Furthermore, you also have the option to deliver each call over HTTPS independently of Joomla!. This is possible with a .htaccess rule, which we describe in our Help Center: Redirecting Visitors Automatically on SSL-Secured Pages

Force SSL in Joomla!

Once the SSL certificate is installed and you can properly call your website in the browser over https://, you should activate the option Force SSL. This option ensures that your visitors can no longer access your website over the unencrypted HTTP protocol. You can activate the Force SSL option as follows:

  1. Log into the admin area of Joomla!.
  2. In the menu, click System > Global Configuration.
  3. On the configuration page, select the Server tab.
  4. In the Force SSL list, select the Entire Website option.

    Joomla!_Force_SSL
  5. Click Save.

Information: The 1&1 Joomla! expert Viktor Vogel has improved this option in the Joomla! project. Thereby, the requirements and guidelines of Google for domain redirects are now met on SSL-encrypted websites. This improvement will be available for all users from Joomla! version 3.4.2 and will have a positive impact on ranking of websites that use this option. More information can be found here:
[Improvement] – Status code 301 for Force SSL option #6646

 

Please rate this post :

Leave a Reply

Your email address will not be published. Required fields are marked *