How to Configure WordPress to Use an SSL Cert

How to Configure WordPress to Use an SSL Cert

In today’s world EVERY site needs to be served over https. Don’t take just my word for it – take the word of one of the biggest internet companies around: Google. Take a look at their developer’s article titled: Why HTTPS Matters.

Below are the step by step instructions on what to do once the SSL certificate is installed. Got a question? Feel free to ask by posting a comment below.

Step One – Install cert. (Let’s encrypt is automatic)
Step Two – Update urls under Settings – General
Step Three – Force https via htaccess file. (Code included at bottom of this post)
Step Four – Fix mixed content issues with the plugin Better Search Replace and then uninstall the plugin. (Search: http://www.example.com or http://example.com / Replace: https://www.example.com or https://example.com )
Step Five – Update site in google and bing webmaster tools
Step Six – Sit back, relax and have a cold drink as you are done.

The below are two sets of code seperated by ——– The first set is to redirect to https://www. And the second set is to redirect to https:// (if you are doing this on a live site then do NOT switch from www to naked or vise versa as it will mess with SEO)

EDIT: Keep in mind that both set’s of code will work for most cases if you have a single site in your account (it’s not suggested to have more than one site per account for security reasons.) or each site within your account have their own domain name and they all follow the same rules. (i.e. all use www or all are naked domains.) If you have a special case feel free to comment below with what your environment entails and I’ll try to help as best as I can.

Additional notes – Ignore anyone saying to use a plugin like Really Simple SSL. Do it right the first time and you won’t have to worry about fixing it down the road if your site needs to scale big.

Copy to Clipboard
Copy to Clipboard
By |October 30th, 2017|Security|1 Comment

About the Author:

Brian Hochstein has been in and out of the hosting and web design arena as a hobby for over 15 years and has gotten back into it seriously again since 2014. His knowledge ranges from HTML, CSS, some JavaScript and PHP to server administration, computer repair and branding.

One Comment

  1. Brian Hochstein January 30, 2018 at 9:37 am - Reply

    This code was updated 30JAN18 as soon as it was brought to my attention that when using the naked to www + http to https code snippet if you were to try accessing the site via “www.example.com” the redirect would result in having an extra ‘www’ in the url. I have tested the new code on my this site and it appears to be working like it should. If you find that it is not working as it should please let me know as soon as possible.

Leave A Comment

Want updates, tips & tricks? 

Sign up for our newsletter. 
Sign Up!
close-link
Newsletter