How to Force HTTPS in WordPress

Once your SSL certificate is active, you need to ensure all traffic is redirected from HTTP to HTTPS. Without this, visitors who type your domain without https:// may land on an unencrypted version of your site. dotCanada makes this easy with a couple of straightforward options.

Option 1: Add a Redirect in .htaccess

Open your .htaccess file (found in your WordPress root directory via cPanel File Manager or FTP) and add this block near the top:

RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Option 2: Edit wp-config.php

Add the following line to your wp-config.php file, just above the line that reads /* That’s all, stop editing! */:

define('FORCE_SSL_ADMIN', true);

This forces SSL on the WordPress admin area. Combine with the .htaccess redirect above to cover your entire site.

Option 3: Use a Plugin

Really Simple SSL is a popular plugin that detects your SSL certificate and handles the redirect and mixed-content fixes automatically. Install it from Plugins > Add New and activate it — it handles the rest with a single click.

Check for Mixed Content

After forcing HTTPS, open your browser’s developer tools and look for mixed-content warnings. These occur when images or scripts still load over HTTP. Update any hardcoded http:// links in your content to https://.

For assistance, contact our support team.

Previous

How to Add an SSL Certificate to WordPress

Next

How to Set Up a WordPress Firewall Plugin

Related Articles

What Is WordPress and Is It Right for Me?How to Install WordPress Using SoftaculousHow to Log Into the WordPress Admin DashboardWordPress Dashboard Overview for Beginners

100% Satisfaction Guarantee

We're so confident you'll love dotCanada that we offer a 30-day money-back guarantee. Not satisfied? Get a full refund, no questions asked.

Ready to Get Started?

Join thousands of Canadian website owners who trust dotCanada for reliable, fast web hosting.

Get Started Today