fbpx

How to SSL in WordPress

Really Simple SSL WordPress

It’s now become necessary to make sure your website’s visitors use the SSL encryption. If you’re not familiar with SSL and would like to know more please read more on this article, should you require assistance using the shared SSL that Best Hosting offers to shared hosting customers, please contact us but we always suggest purchasing your own SSL Cert as this is the best way going forward and we’ll help you install it. Click to learn more about Dedicated Hosting.

Forcing visitors to use SSL can be accomplished through your .htaccess file using mod_rewrite.

If you’d like more information on mod_rewrite please read our article.

To force all web traffic to use HTTPS insert the below following lines of code in the .htaccess file in your website’s root folder.

Important: If you have existing code in your .htacess, add this above where there are already rules with a similar starting prefix.

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

Be sure to replace www.example.com with your actual domain name.

To force a specific domain to use HTTPS, use the following lines of code in the .htaccess file in your website’s root folder:

RewriteEngine On 
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

Make sure to replace example\.com with the domain name you’re trying force to https. Additionally, you need to replace www.example.com with your actual domain name.

If you want to force SSL on a specific folder you can insert the code below into a .htaccess file placed in that specific folder:

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} folder 
RewriteRule ^(.*)$ https://www.example.com/folder/$1 [R,L]

Make sure you change the folder reference to the actual folder name. Then be sure to replace www.example.com/folderwith your actual domain name and folder you want to force the SSL on.

SSL in WordPress

You can do this by going to Settings » General and updating your WordPress and site URL address fields.

updating-urls

Once done, check the domain resolves to your domain name and if it does not then check your .htaccess is set correctly and if it is? then wait 15 mins for your host changes to save and renew cache.

If you are on nginx servers (most users are not), you would add the following to redirect from HTTP to HTTPS:

1 server {
2 listen 80;
3 server_name yoursite.com www.yoursite.com;
4 return301 https://yoursite.com$request_uri;
5 }

SSL on Mulitisite

If you want to add SSL and HTTPS on your WordPress multi-site admin area or login pages, then you need to configure SSL in wp-config.php file.

Simply add the following code above the “That’s all, stop editing!” line in your wp-config.php file:

1 define('FORCE_SSL_ADMIN', true);

This wp-config.php ssSSL trick works for single sites as well as multi-sites.

WordPress SSL Plugin

If your site loads but shows the padlock broken then I suggest using a plugin, I’ve personally found Really Simple SSL to be on top, easy to install and work out of the box to secure the sites content.

WordPress really simple ssl plugin

The best really simple ssl plugin in my opinion!!

Once done, visit your page to ensure that you have all green light in Chrome and other browsers.

Chrome SSL Error in WordPress

WordPress Chrome SSL Error

 

If your site is not fully green then I found this site Why No Page Lock to be great, just enter your url and it scans showing you allt he content unsecure on your site. Once you know where they are then its easy to fix. Contact us if you require further assistance install or fixing your site.

Buy SSL Now Best Hosting

Buy SSL Cert Now with Best Hosting Account

 

Share

Recommended Posts

Leave a Reply