How to enable SSL in WordPress

In light of the recent changes in Google’s ranking algorithm, many people are opting to switch their websites over to HTTPS, including some of our clients who use WordPress for their CMS.

Update WordPress Settings.

Log in to your WordPress Dashboard and navigate to Settings > General.

Change both the WordPress address and Site address from http:// to https://.

Edit your .htaccess file.

Using SSH, an FTP client, or your web hosts file manager, open up your .htaccess file and add the following code.# forward all connections to https

<IfModule mod_rewrite.c>
RewriteEngine On

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Update your Permalinks.

From your WordPress Dashboard navigate to Settings > Permalinks and click on Save Changes to update the URL protocol.

Update wp-config.php

Again, using SSH, an FTP client, or your web hosts file manager, open up your wp-config.php file and add the following code. Save the file.

# force ssl for all logins
define('FORCE_SSL_ADMIN', true);

Protocol Relative URLs

If you’ve previously hard-coded any internal links that are http:// you will need to manually update those.

Using protocol relative URLs, if the browser is viewing the current page through HTTPS, then it’ll request that asset with the HTTPS protocol, otherwise it will fallback to HTTP.

# standard url

# protocol relative url

Let Google know.

Finally, you’re going to want to let Google know of the changes.

Log in to Google Webmaster Tools and make sure that you’ve added and verified both your old version and new version, in this case, that means your old site and your new Note the (s) in the URL.

Resubmit your sitemap for the new HTTPS version of your site, also select Crawl > Fetch as Google and submit to the index.

Lastly, monitor your Google Webmaster Tools and/or Google Analytics to check anything you may have missed and adjust accordingly.


About Me

Designer. Developer. Hacker. Senior Reviewer / Content Specialist @envato