Discover how best to use our tools in a solid plan for a successful migration
Enterprise Guide To Migrating Large Sites
Planning to migrate a large site or estate to HTTPS? Based on working with lots of big enterprises, we've put together some information which will help you understand and plan how to use our tools in your workflow. In our guide you will find detailed instructions and tips, workflow plus additional licensing and support optionsDownload
Mixed content issues occur on HTTPS sites due to links within the content using HTTP rather than HTTPS in the asset’s URL. This breaks the HTTPS security padlock on the page that is affected. Most content on sites can be picked up during a crawl, but this can miss some dynamically generated content because the crawl cannot discover it.
In order to find both types of content, we have two applications to use:
How HTTPS Checker Works
HTTPS Checker is a downloadable desktop app which identifies pages to crawl via links on your site, then identifies and reports on mixed content issues that are found. These issues are stored in local storage on your machine, summarised at the end of the crawl on-screen and via downloadable CSV or PDF formats. You can control the crawl via different Mode settings, which directories to include as well as tuning the speed of the crawl.
How HTTPS Reporter Works
HTTPS Reporter captures Content Security Policy violations from your site which are triggered when a page is visited that has a mixed content issue. You need to generate and add a CSP to your website header. You then log in to your HTTPS Reporter dashboard to see these violations and mark them as fixed.
Licencing & Payment On Invoice Option
For large sites, we have a $99 Enterprise licence which allows crawling up to 250,000 pages. However, we also have a $249 Platinum licence which allows unlimited crawling of pages and is therefore suitable for even the biggest sites (the largest site to use the tool when we last checked had 8,000,000 pages). We can bill via invoice for enterprise and platinum licences for as many months as specified.Get Your Enterprise Licence or Contact Us For A Platinum Licence
Support & Consultancy
We provide telephone support and consultancy to large enterprises on an agreed plan.
Planning Tips For Large Sites Or Estates
Large sites often have lots of technology to build pages or show ads, you need to identify and handle this array of technology plus front and back-end integrations. If you don’t have an asset record of what’s been implemented on your site, start with a search on Builtwith which will show your technology profile and then make sure each technology provider has an equivalent HTTPS service.
It is going to take a lot of time and effort to migrate a site or multiple sites, so plan your resourcing and treat it as a high-level project. Start with your Dev site.
Handle the migration in sections or audiences rather than trying to do the whole thing in one go.
Learn As You Go
Measure and record the issues as you complete each section, then apply what you learn to the next section. HTTPS Checker allows you to download a PDF or CSV of crawl results and HTTPS Reporter stores and displays issues in your dashboard.
Tackling Widespread Common Issues First
It is a good idea to first look at common generated pages such as category or product pages, to see if there is a program issue likely to affect all of them and to resolve it first and then progress to the main crawl. You can upload a list of example URL’s covering your common pages and run them through the HTTPS Checker app.
To help in the creation of your own migration plan, we’ve included an example process flow and tips on using the apps.
HTTPS Migrations can be complex and time-consuming so ensure you plan for this as a priority project that is fully resourced and follows a documented living plan which incorporates learning points as you progress through the program of work. Ensure your plan covers changes to analytics and post-migration checks.
Scan Preparation & Tuning
Decide how you are going to segregate large sites into manageable migration chunks.
Tip: You can upload a CSV list of URL’s to crawl into the HTTPS Checker app for precise targeting and also define sections of the site using robots.txt rules in Advanced Options. You can also set crawl parameters here to tune the speed of the crawl.
Tip: Check the log files to make sure you haven’t set it too fast.
Run the scan on your target pages and the HTTPS Checker app will summarise issues and provide PDF and CSV downloads of the issues found too. Check your log files to see which URL’s were crawled and which gave errors, so you can investigate them further. Try slowing down the crawl if you are generating a lot of errors.
Fix & Re-Scan
Share the CSV of issues out to your fixers, maybe via Google Docs so it is in a central place, and assign the issues out. You can then check the fixes by importing a specific list of CSV’s to crawl and then do a full scan as a double check when you believe everything is fixed.
CSP Violation Capture
Set up your CSP header and start catching violations in HTTPS Reporter. This will pick up issues that come from dynamically generated content, which the HTTPS Checker app can’t find, as well as any other mixed content issues that have crept back in.
Fix CSP Violations
Mark fixed issues in HTTPS Reporter. A daily email is sent out if new violations are added to the database. NB There is a cap on how many issues are stored so it’s important you clear down fixed issues.
Continue to monitor your site(s) with HTTPS Reporter for any new mixed content issues that make their way onto the site(s) over time. Look to see if you can tighten up your website management and import tools to stop “http” content being added. You can consider using the HSTS web security policy, but do so with caution.
What To Expect In The Full Guide