I like doing things the way for implementation that is bulletproof, although there are WordPress plugins out there that could automate this process for you.
You will want to open your .htaccess file in the root of your website installation (through FTP for example) and paste in the following code directly at the top:
# Force https redirect
RewriteRule (. *) https://%HTTP_HOSTpercent REQUEST_URI [R=301,L]
Now save and upload back to your site. To test this, try and visit with a page of your site by typing the http:// URL prefix. If implemented correctly, it must now redirect you / / page that is prefixed. You will see two fields that are different with your site URL of gridhost uk present in both. I enjoy doing this one so I change the Website Address and save changes using the button on the page.
I then update the WordPress Address area and save changes again. Once you save the changes this moment there is an opportunity, you will be logged out of the Admin Dashboard and certainly will go back to the Login page.
That is perfectly normal. So login , and then return to Settings > General. You will hopefully find both areas have been updated to https://.
Change into https SSL URL
Get that Green Padlock
Proper implementation of your Let’s Encrypt SSL certificate has become pretty much complete, however there are a few loose ends we need to clean up.
Remember I mentioned browser padlock icon above? We need to turn it green. And it needs to remain green once you visit with every single page of your website.
So open your site and have a fantastic look around at every webpage. Then you are finished if you discover the padlock is green on every single page. Fantastic job, love your new protected website! Proceed to the’Steps’ header below.
When the padlock is orange or showing as unlocked, then your website is having difficulties with something called mixed content. This signifies is that the content on your site may not be delivered in a way that is safe.
By way of instance, you may get an image within a blog post which has been served with the’http://’ prefix instead of https://. A page cans stop from being protected.
Fix Mixed Content Warnings
Thankfully there are lots of free tools that could help identify which content has to be fixed on your website, such as SSL-Check and Why No Padlock? .
You can use these to recognize the issue resources, however you’ll then have to manually correct these yourself. 9 days out of 10 it is in fact just as straightforward as editing your webpage content and altering any connections of pictures or other embeddable objects (videos, iframes) from http:// to https://.
You may even use something known as a Protocol Relative URL, which is simply replacing any instances of’http://’ with two forward slashes’//’. This is a choice should you wish to revert back into a non SSL site anytime later on. It means the browser will load the source using https or whatever protocol the website is using — either http .
Of course, if you’re having any difficulties in this stage of the process, do get in touch and we’ll see about getting it solved for you.
Okay, so today your site on TSOHost is successfully utilizing a free Let’s Encrypt SSL certificate. The hardest part is completed, but we’re still not completed.
We need to tell search engines and traffic that our site now lives on a secure https foundation.
The very first thing I recommend you do is head to all of your societal profiles where a link to your website may be, and change the hyperlink to your https URL. Social profiles such as Facebook, Twitter, LinkedIn etc..
If you’re using SEO tools like Google Lookup Console, go ahead and make a https version of your site in there also. Plus, submit your new https XML sitemap.
Also make sure any Analytics software you use is recognising the https switchover too.
In time, you will begin noticing that Google and other search engines are picking up on your new protected website, and will start displaying links prefixed by the https.