How to Redirect HTTP to HTTPS in WordPress
In our previous article, I have discussed how to properly install free SSL certificate in WordPress. After installing SSL in your site, your site will be assessable with SSL/HTTPS. Your site will open with HTTPS only when a user opens your site with HTTPS. In most cases, If you only type your site name(example.com) only, it will not open with HTTPS/SSL and show that “Connection is not secure”. So, you need to force HTTPS or redirect HTTP to HTTPS, so all visitors will be accessible through secure HTTPS connection.
Recently, I have installed an SSL certificate on my site. The site opens with SSL/ HTTPS only when I type full address i.e: “https://www.example.com”. It looks like this:
But when I type the site name only i.e: “example.com”, it doesn’t open with SSL or HTTPS connection and it shows me that the “Connection is not secure”
So, I have added a HTTPS redirection code in my .htaccess file, then the site is only accessible with HTTPS connection. Now when I type the site name only, it automatically opens through secure HTTPS connection. So in this tutorial, I will show you How to Force HTTPS or Redirect HTTP to HTTPS in WordPress easily.
How to Redirect HTTP to HTTPS in WordPress
There are several methods by which you can force HTTPS in your site. You can do it from your web hosting cPanel or using .htaccess. In this article, I have shown bot method.
1. How to Force HTTPS from cPanel?
Some of web hosting providers allow you to force HTTPS from your cPanel directly. So in this case, you don’t need to edit any code manually. I use SiteGround WordPress hosting and they provide “force HTTPS” option in their cPanel.
If you are using SiteGround, you can force HTTPS in just one click. To do this, first log in to your cPanel and go to Security section and click on Let’s Encrypt.
From there, you can see a list of your active certificates. But make sure that you have properly installed SSL certificate or it wouldn’t work.
There you will see two options- HTTPS Enforce and External Links Rewrite.
By enabling “HTTPS Enforce”, it will force your entire site to open an encrypted HTTPS connection. This way your website will always open with HTTPS. But make sure you didn’t add any redirect code in your .htaccess file.
The other option is “External Links Rewrite” that opens all your external links via HTTPS connection. But it is totally optional. Do not enable this option if your site shows “Mixed Content” warning or they will not be loaded through HTTPS connection.
We recommend you to enable only “HTTPS Enforce” option.
After enabling HTTPS Enforce option, your site will always open with SSL/HTTPS connection.
2. How to Redirect HTTP to HTTPS Using .htaccess
If your web host doesn’t provide force HTTPS option, then you can manually redirect HTTP to HTTPS from .htaccess file. It is also an easy method and takes a couple of minutes. But make sure you have not added any further redirection code in .htacces file.
To force HTTPS from .htaccess, first log in to your cPanel. Then go to your site root folder. There you can see a file named “.htaccess”, now click on edit and enter the following code.
a) To redirect all visitors to HTTPS/SSL
[code]
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
[/code]
b) If you want to force HTTPS/SSL on a specific folder
[code]
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} yourfolder
RewriteRule ^(.*)$ https://www.yourdomain.com/yourfolder/$1 [R,L]
[/code]
*Be sure to replace www.yourdomain.com with your actual domain name.
c) If you want to redirect a single page HTTP to HTTPS
[code]
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^secureform\.html$ https://www.yourdomain.com/samplepage [L,R=301]
[/code]
*Be sure to replace www.yourdomain.com/samplepage with your actual page URL.
3. How to Redirect HTTP to HTTPS in Nginx
If your web server is running Nginx, then you can easily redirect all HTTP traffic to HTTPS by adding the following code in your Nginx config file. Go to “/etc/nginx/nginx.conf” and add the following section:
[code]
server {
listen 80;
server_name domain.com www.domain.com;
return 301 https://domain.com$request_uri;
}
[/code]
Click on save and you are done.
I hope this tutorial helped to properly redirect HTTP to HTTPS. If you are getting an error or stuck at any step, please let us know in comment section. We are also available on Facebook, Twitter, Google+.
Related Articles,
*This post may have affiliate links, which means I may receive a small fee if you choose to purchase through my links (at no extra cost to you). This helps us to keep WPMyWeb up and running and up-to-date. Thank you if you use our links, we really appreciate it! Learn more.
Hi Ray is okay for Apache but in Nginx cant open htaccess and I use the plugin for force HTTPS, can you advise: https://wordpress.org/plugins/force-https-littlebizzy/
For Nginx, you need to add this code
""server {
“” in your Nginx config file. “/etc/nginx/nginx.conf”listen 80;
server_name domain.com www.domain.com;
return 301 https://domain.com$request_uri;
}