How to Move a WordPress Website from HTTP to HTTPS/SSL

Configuring WordPress for SSL/HTTPS

Links in WordPress (such as image attachments, themes CSS and JavaScript files) are relative to the install URL.

To change WordPress from HTTP to HTTPS, the install URL must changed from say http://tdwebservices.com to https://tdwebservices.com.

  • Login to your WordPress dashboard and navigate to Settings > General.
  • Ensure that the WordPress Address (URL) and Site Address (URL) are https. If not, add S after http to make https and save it.




To easily enable (and enforce) WordPress administration over SSL, the constant FORCE_SSL_ADMIN should be set to true in your site’s wp-config.php file to force all logins and all admin sessions to happen over SSL.
    
define('FORCE_SSL_ADMIN', true);

The constant FORCE_SSL_ADMIN can be set to true to force all logins and all admin sessions to happen over SSL.

If your WordPress site uses a content delivery network (CDN) to serve its components (images, JavaScript, CSS style sheet), ensure the URLs are all https:// otherwise your website will be deem insecure by the web browser.

What’s Next?

Now that we’ve successfully moved WordPress to HTTPS, we still need to do two more things — set up a 301 permanent redirect and inform Google of the URL change.

To setup a 301 permanent redirect, FTP/SFTP to your server and add the code below at the top of WordPress’ .htaccess file.
   
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^yoursite.com [NC,OR]
RewriteCond %{HTTP_HOST} ^www.yoursite.com [NC]
RewriteRule ^(.*)$ https://www.yoursite.com/$1 [L,R=301,NC]


Change every instance of yoursite.com to your WordPress URL.

To inform Google about the change in URL, re-add your WordPress site to Google webmaster tool (but this time with https://) and follow this this guide to let Google know about the change of URL.
  • 5 Users Found This Useful
Was this answer helpful?

Related Articles

Categories and tags have vanished

The problem ended up being that system alerts had caused certain functions to shut down. One of...

Leverage Browser Caching

<IfModule mod_expires.c> ExpiresActive On ExpiresDefault "access plus 1 month"...

How to deactivate all plugins when not able to access the administrative menus?

Sometimes it may be necessary to deactivate all plugins, but you can't access the administrative...

WordPress Security - Base64 and eval

WordFence has a scanner that can find base64 and eval code. You can use CPANEL file manager to...

How to disable WordPress maintenance mode after a failed update

You start an update and the update process fails at some point, leaving your WordPress website...