How to enable HTTPS on WordPress Websites

With WordPress moving towards SSL, this is a good time to consider enabling HTTPS on your website too. When you enable HTTPS on your website, the data transferred between your visitor and your server is encrypted. This means that, hackers cannot steal your information, easily. Besides, Google is already using HTTPS as a ranking signal! Protecting your website with a SSL certificate is a must!

Read also:  9 ways to enhance the security of your WordPress website.

This post assumes that you already have a working SSL certificate. If you do not have one, you can get one free SSL certificate issued by Let’s Encrypt generated via ZeroSSL or directly with your web hosting company.

1. Configure WordPress to use HTTPS

General settings in WordPress dashboard

In your WordPress admin dashboard, update the Site Address and WordPress Address (which is your WordPress installation directory) to use the HTTPS protocol, from http://www.example.com to https://www.example.com.

2. Redirect all traffic to HTTPS

Now that you have HTTPS configured on WordPress website. The next step is to perform a 301  redirect to the HTTPS version of your website.

Add the following code to your .htaccess file.

# BEGIN HTTPS Redirect
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# END HTTPS Redirect

You should find your .htaccess file in the root directory of your WordPress installation folder. This is accessible via your cPanel’s File Manager or you can use FTP to upload an updated version.

3. Enable HTTPS in WordPress admin

Add the following code to the wp-config.php file in your WordPress directory.

define(‘FORCE_SSL_ADMIN’, true);

Once these 3 steps are done, your WordPress website will be fully activated to HTTPS.


Why I don’t see the lock icon on my browser?

Check to ensure all resources (images, css, Javascript files) on the website has been loaded from a https URL.

I use SSL Insecure Content Fixer to ensure that everything loads from a HTTPS origin. It is a easy and straightforward plugin. If you have have an image embedded in a post with a non-HTTPS URL, this plugin will change that to a HTTPS URL.

You can also use this free tool by Jitbit to test your website for non-secure content.

How do I know if my SSL certificate is working?

Use this free tool – Qualys SSL Labs SSL Server Test to test the quality and configuration of HTTPS-enabled website.

Over to you

Do you know of any tools that helps you with enabling HTTPS on your WordPress? Let me know in the comment section below.

1 reply on “ How to enable HTTPS on WordPress Websites ”
Leave a Reply

Your email address will not be published. Required fields are marked *