How to Redirect HTTP to HTTPS on WordPress
Learning how to move your website to HTTPS is an important issue. In this guide, we will first talk about what we mean by HTTPS and SSL and how it works. Also, we will talk about reasons to add encryption to your site. Then we will tell you where you can get an SSL certificate for your site and finally provide you with a step-by-step guide on how to move your site to HTTPS.
These days the URL of most big sites (and increasingly also the smaller ones) start with https:// instead of the familiar https://. In fact, if you look into your browser bar while on this very website, you will see exactly that.
{Read:- 5 Ways to Improve SEO on Your WordPress Site }
Next to it, you will also notice the padlock symbol. This is how modern browsers show that you are on a site that uses SSL encryption. In some cases, they even include the name of the company. Both are signs that you are on a site that takes the privacy of its visitors seriously.
How to Redirect HTTP to HTTPS on WordPress
Now we are getting to the meat and potatoes of this article: how to move your site from HTTP to HTTPS. We will take this step by step to make sure you can follow along without a problem. After all – we care about your site’s security as well!
{Read:- How to Build a WordPress Site in 1 Day }
1. Back-Up Your Website
Whenever making major changes to your site, you should always back it up first. That way, in case something goes wrong (not that we are expecting it) you can go back to the working version.
2. Implement Your SSL Certificate
The first thing we will do is get ourselves an SSL certificate. How easy or complicated this process is, depends largely on your host.
3. Add HTTPS to the WordPress Admin Area
The first place where you will get to enjoy the new safe connection is the WordPress dashboard. By securing the back end first, you make sure that whenever a user logs in, their information is exchanged securely.
{Read:- 10 WordPress Mistakes to Avoid }
To do so, open wp-config.php in your WordPress root folder and add the following line somewhere before where it says That’s all, stop editing!.
|
1 |
define('FORCE_SSL_ADMIN', true); |
4. Update the Site Address
After moving the WordPress backend over to HTTPS, it’s time to do the same for the remainder of your site. You can do that by updating your site address under Settings > General.
5. Implement 301 Redirects in .htaccess
The next step in moving your site to HTTPS is setting up a redirect that sends visitors automatically over to the secure version. For that, we will use .htaccess. This is the name of an important system file on your server (usually in the WordPress root directory).
It usually contains settings for using pretty permalinks, so your installation probably already has one. To find it, make sure to allow your FTP client to show hidden files because .htaccess is invisible by default. If you don’t have one, just create a plain text file, rename it to .htaccess and upload it to the WordPress root directory.
{Read:- How to configure Horizontal Pod Autoscaler(HPA) in Kubernetes (EKS)? }
After that, add the following lines to it:
|
1 2 3 4 5 |
<IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] </IfModule> |
