How to Redirect Your WordPress Site from HTTP to HTTPS

Redirecting your WordPress site from HTTP to HTTPS is essential for security, SEO, and user trust. Once your SSL certificate is installed (usually provided for free by your hosting provider), you’ll need to ensure all traffic is redirected to the secure HTTPS version of your site.

Here’s a step-by-step guide to help you do it right:

Step 1: Install an SSL Certificate

Before setting up the redirect, make sure an SSL certificate is installed on your domain.

How to Check:

• Visit your site with https:// in the URL.
• If the site loads and shows a padlock icon in the browser, SSL is active.

👉 Most web hosts like Sailexhost, Bluehost, SiteGround, and others offer free SSL via Let's Encrypt. If it’s not installed, request it from your hosting provider.

Step 2: Update WordPress and Site URLs

1. Go to your WordPress admin panel: yourdomain.com/wp-admin
2. Navigate to: Settings > General
3. Update the following fields:
   • WordPress Address (URL): change http://yourdomain.com to https://yourdomain.com
   • Site Address (URL): same as above
4. Click Save Changes

You may be logged out after saving—just log back in with the same credentials.

Step 3: Set Up HTTPS Redirect in .htaccess (Apache servers)

If you’re using Apache hosting (which most shared hosts use), do this:

1. Connect to your website using FTP or via File Manager in cPanel.
2. Locate and edit the .htaccess file in the root directory (where WordPress is installed).
3. Add the following code above the # BEGIN WordPress line:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

4. Save the file.

This forces all HTTP traffic to redirect to HTTPS.

Step 4: Use a Plugin (Optional but Beginner-Friendly)

If you’re not comfortable editing files, use a plugin like:

• Really Simple SSL
  It automatically detects your SSL and configures your WordPress site to run over HTTPS with one click.

How to Use:

1. Go to Plugins > Add New
2. Search for “Really Simple SSL”
3. Install and activate
4. Click “Activate SSL” when prompted

Step 5: Fix Mixed Content Issue

After switching to HTTPS, some resources (like images or scripts) might still load via HTTP. This causes “mixed content” warnings.

Fix it by:

• Installing the Better Search Replace plugin to update all old HTTP URLs in your database.
• Or manually updating image and link URLs to https://.

Step 6: Update Google Search Console and Analytics

• Google Search Console: Add the new https://yourdomain.com version as a new property.
• Google Analytics: Update the default URL in your property settings to use HTTPS.

Final Thoughts

Redirecting your WordPress site from HTTP to HTTPS is more than a technical upgrade—it’s a trust signal to your visitors and a ranking factor for search engines. Whether you do it manually or with a plugin, the process is quick and has lasting benefits.