Author: Leon Wimmenhoeve

If you enabled HSTS on your site, you’ll have to clear it from your browser after you disabled it again. Otherwise, your site willl keep loading over SSL. There are two ways to do this. The first sets the .htaccess header, which resets it for all users: Resetting the HSTS header using the .htaccess If you set the expiration time on your HSTS header in the .htaccess to zero, the HSTS header should expire immediately. <IfModule mod_headers.c> Header set Strict-Transport-Security

This article contains a short checklist of the most important items to take into account before and after migrating your site to SSL. Before migrating Check your SSL certificate with SSL labs: http://ssllabs.com/ssltest/ If you don’t get an A, contact your hosting provider. Check your site for mixed content by running the scan with Really Simple SSL pro. Really Simple SSL fixes all http references in your site, but can not automatically fix: http:// links in .js or css files

If the SSL certificate on your site works fine on desktop but gives an error on mobile devices (specifically Android): this certificate isn’t from a trusted authority, there is probably an issue with your SSL certificate chain. To check this, run an SSL check here: https://www.ssllabs.com/ssltest If one of the results is This server’s certificate chain is incomplete. Grade capped to B, this might be the issue. Contact your hosting provider to fix your certificate chain.  

I recently got forwarded this message from a customer that had migrated to SSL. Google has detected structured markup on some of your pages that we believe violates our structured data guidelines. Because incorrect information lowers the quality of search results for users, rich snippets will not appear in Google Search results for pages with incorrect structured data markup. This manual spam action has been applied to domain.com. We suggest you update the incorrect structured data and file a reconsideration