Force Redirect to https on Your WordPress Site for All Visitors

sennheiser cx200 review
Sennheiser CX200 Street II In-ear Headphones Review
January 22, 2017
3d printing monoprice maker select v2
3D Printing with Monoprice Maker Select V2 – Part 1 | Overview and Assembly
February 27, 2017

Force Redirect to https on Your WordPress Site for All Visitors

force https sll wordpress secure

Intro

Having an SSL certificate is a must if you want display trust to users so when you go through the trouble of getting one and updating your URLs to https you want it to show for everyone.

Guide Goals

Enable all users who visit your site to view it in full secure https
Install a WordPress plugin to accomplish goal or
Edit your sites .htaccess file to accomplish goal
<10 min
Easy

Level of Difficulty

Watch the video or keep reading the full article below.

A personalized Google Ad

The Problem

So you’ve built your WordPress site you’ve got your SSL certificate, you’ve searched and replaced all of your URLs to sit behind secure https and when you load your site you see that lovely green pad lock in the address bar.

So we’re done right? Well not yet and here’s why. Let’s open up a private browsing window to mimic how other users would first visit your site. For us Chrome users this mean opening the infamous incognito window now let’s type in your website’s URL without the preceding http.

What comes up? Well unfortunately the regular unsecure http version. Without typing https:// into the browser, which let’s admit no one does, your users and costumers will be directed to the unsecure version of your site.

Why would it do such a thing you may ask after I’ve spent all the time to get a SSL cert and update my URLS, well the short answer is the protocols of the internet default to http so you have to force the matter. Luckily this is actually really easy to do and there are two routes to accomplish it.

Solution

If you are extremely lazy or don’t want to mess with coding anything into anywhere than this first route is for you. All it involves is installing a plugin called Really Simple SSL from the WordPress plugin library. Activating it and push the button called Activate SSL!

SSL plugin wordpress

That’s it you’re done. Now if we try the same trick to view our site in the private browser you see it goes directly to https and everyone is happy.

So that’s the really easy way to do it, but I’m not a fan of installing plugins if I can accomplish the same goal without it. This route will require a little more experience and higher level access. So if you don’t have access to your CPanel account or don’t know what a CPanel account is than stick with the plugin, it gets the job done.

In your CPanel account under File Manager in your public_html file you will find the .htaccess file. If you don’t see it you may have to enable the setting to view hidden files. The .htaccess file is hidden by default.

Go ahead and open the file into the editor and at the top above the other rules but below the first declaration insert the following four lines of rules. Save the file and close. And you are done.

RewriteEngine on
RewriteCond %{HTTPS} !=on [NC] [OR] 
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Conclusion

Adding those rules to the .htaccess file is basically what the Really Simple SSL plugin did automatically for you, so that you wouldn’t have to venture into this part of your web hosting environment. Let’s face it most people aren’t willing to mess with stuff back here. I didn’t want to either until I learned my way around better.

Anyway, lets try our little test again in a private browser window and you’ll be happy to see it goes to https without a problem. I could explain what each rule does but I may save that for a later article.

Of course when you’re done make sure to clear your website’s cache.

I hope this helps you guys take full advantage of your SSL certificate.