How to Redirect WordPress Website URL from HTTP to HTTPS

1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 4.50 out of 5)
redirect wordpress website url from http to https

A Complete Guide on How to Redirect HTTP to HTTPS WordPress Websites with Plugins or Manually

HTTPS is a secure communication protocol that acts as a validation of safeguards between the server and client. Websites that start with HTTPS are more secure and safe to browse than the ones without the HTTPS prefix. HTTPS is added to the website URL after obtaining an SSL certificate, which is provided by Certificate Authority (CA).

Installing an SSL certificate is essential for a website owner as it helps build trust and user confidence. After installing the SSL certificate, the work isn’t finished. You also need to force HTTPS to cover different website pages. In some cases, forcing HTTPS is required because the SSL certificate may not automatically be added to the URL.

Use this excerpt as a guide to learn how to redirect HTTP to HTTPS WordPress websites.

What’s the Importance of HTTPS?

The difference between HTTP and HTTPS is that of a single “S.” The “S” here stands for Secure, which changes how a user perceives your website and it decides their approach to browsing.

  • Trustworthy: Websites with HTTPS are more trustworthy for the users, and they will patronize the business. As HTTPS means the website is using SSL/TLS protocol to encrypt communications, the users will be assured that their data is not compromised.
  • Prevents Malicious Parties: Encryption means when the client and server connection is secured. As a result, no malicious party can take a peek into the conversation and information sharing between the client and server. Data like credit card numbers, passwords, username, address, social security numbers, etc., will be encrypted.

Given the increasing number of attacks on websites and platforms, you should never interact with a website that does not have HTTPS in the URL.

How to Install SSL Certificate in WordPress?

To transform your WordPress website from HTTP to HTTPS, you need to install an SSL certificate. To do this,

  1. Open the WordPress admin panel and find Settings.
  2. Click on Settings and navigate to the “General” option in the side menu.
  3. In the dialog box, you will see different columns. Check that the first two boxes, WordPress Address (URL) and Site Address (URL), show https://.

Another way is to modify the .htaccess page

.htaccess in WordPress is a special configuration file. With this, you can control the server’s runtime on the website. With .htaccess, you can control 301 redirects and SSL connections, ensure password protection, and also change the default language.

To open .htaccess location;

  1. Go to the file manager on your website’s hosting account cpanel.
  2. Find the public_html folder within the cPanel. The folder’s position might vary according to the hosting service you are using.
  3. In this, open the WordPress folder and find the .htaccess file.

At times, you may not find the .htaccess folder on the cPanel. In that case, you can create a new one from WordPress. For this;

  • Find settings on the WordPress admin panel and open Permalinks.
  • Don’t change anything on the page, scroll down to the bottom and click on Save Changes.
  • After this, WordPress will generate the .htaccess file. In case it cannot generate a new file, you will see an error message “.htaccess file is not writable.”

To manually create the file.

  1. Open your hosting account’s cPanel and open File Manager.
  2. Click on public_html and click on +File.
  3. Type the new file name that is, .htaccess, and Create New File.
  4. Once you have created the file, right-click on it and select Edit.
  5. You need to add the following code script here to complete the task.
[ht_message mstyle=”info” title=”” show_icon=”” id=”” class=”” style=”” ]

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


How to Redirect HTTP to HTTPS in WordPress?

WordPress HTTP to HTTPS force setting is required when the website URL does not automatically get updated after adding the SSL certificate.

Important Note: Never follow the force HTTP to HTTPS WordPress settings before installing the SSL certificate. Doing so might cause the website to break down.

You can take two routes for WordPress HTTP to HTTPS redirect.

Using a Plugin

Plugins are additional tools you can integrate on WordPress and get better functionality. In terms of adding more functions, a plugin can help improve the website’s appearance and performance, make it more responsive, secure, and much more.

To redirect WordPress websites from HTTP to HTTPS, several plugins are available. This includes.

  • Really Simple SSL
  • Easy HTTPs Redirection
  • WP Force SSL
  • SSL Insecure Content Fixer

All you must do is configure these plugins and they will ensure that all the URLs of your website will have an HTTPS prefix.

To use a plugin, you need to install it first and then activate it from settings. Once activated, go to the WordPress admin panel settings and visit the SSL page. Here, the plugin will automatically detect that you have an SSL certificate installed and will set it up for the website.

With the right plugin, you can also enable HTTPS on selected pages. The plugin will also look for issues on the website and suggest you to solve them for better security and performance.

Manually Force HTTP to HTTPS WordPress Redirect

This is the longer method for WordPress redirect HTTP to HTTPS and will take more time. But the benefit is that you will get a permanent solution for the redirect issue and even ensure optimized performance.

Let’s begin,

  1. Go to Settings and click on the General tab, which will take you to the general settings for the website.
  2. Here, replace the WordPress Address (URL) and Site Address (URL) and click on Save Changes. After clicking on Save Changes, you will be logged out and have to log in again.
  3. The next step is to set up WordPress redirect HTTP to HTTPS. For this, use the following code;
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

With this, all the URLs of your WordPress website will load with HTTPS.

In case you need to force WordPress website from HTTP to HTTPS, then you must configure the SSL in the wp-config.php file.

After opening the wp-config.php file, you need to add one line at the top the code;

define('FORCE_SSL_ADMIN', true);

As you complete this step, the HTTP to HTTPS redirect setup will be complete. Even with this, the website might flag some issues as it encounters problems of mixed content errors. These errors arise when some images, stylesheets, etc., are still loading with the HTTP protocol. Make sure to check for the padlock sign before the URL address.

To fix the mixed content issues on the website, you must follow a simple step. Start by finding all the mixed content URLs. These will be the URLs that don’t have HTTPS in the beginning. Replace the HTTP address with the HTTPS in the URL.

Which Approach is Better, Manual or Plugin?

When it comes down to choosing one of the two methods for redirecting WordPress website from HTTP to HTTPS, consider the following;

  • Following the plugin route will save time and efforts, as most of the work will be done by the plugin. However, you will have to select the best plugin for redirecting HTTP to HTTPS.
  • Using the manual way will give more efficient results as you can assure the output yourself. It will be a time-consuming process, as you might have to check every URL for issues. But there is a better way to do that, which is also by using a bulk search plugin.

So, either of the two ways are good for HTTP to HTTPS WordPress redirects.


Having HTTPS in the URL is an essential part of managing a website. Search engines like Google also prefer to rank websites that have an HTTPS in the URL. Moreover, websites without the SSL certificate are flagged by the web browsers, which means a potential subscriber or customer won’t even check the website, let alone buy or subscribe.

Hence, getting an SSL certificate is important, and even more important is ensuring its execution. You can get SSL certificates at very cheap price in the market from CheapSSLWeb.

Janki Mehta

Janki Mehta

Janki Mehta is a Cyber-Security Enthusiast who constantly updates herself with new advancements in the Web/Cyber Security niche. Along with theoretical knowledge, she also implements her practical expertise in day-to-day tasks and helps others to protect themselves from threats.

Buy Cheap Wildcard SSL