How To Redirect HTTP to HTTPS in WordPress

Setting up a Secure Socket Layer (SSL) certificate for your website is easier than ever. However, in some cases, you’ll go through the entire process only to run into a ‘mixed content’ error in WordPress once the certificate is set up.

What Is HTTPS?

HTTPS is being used for communication over Hypertext Transfer Protocol (HTTP) with an ‘S’ in the end that stands for ‘Secure.’ Adopting HTTPS, you provide your users with three key layers of protection:

  • Authentication prevents ‘man-in-the-middle’ attacks and provides a guarantee one is communicating with the exact website that was intended.
  • Encryption provides privacy by encrypting the exchanged data. This ensures that conversations won’t be eavesdropped and the information won’t be stolen.
  • Data integrity prevents data from being unnoticeably modified or corrupted during the transfer.

Redirection option 1: .htaccess

You can use the https protocol if you have a SSL certificate and have installed it correctly. Most websites use the http protocol as a default protocol to handle all the information. You can force your website to use the https protocol by creating or modifying an “.htaccess” file in the folder (e.g. root) where you want the redirect to happen.Please add this to the .htaccess file

RewriteEngine On
RewriteCond %{HTTPS} offRewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Redirection option 2: Using php

You can use the following code (function) to redirect your website using php. you can call the function in the page where you need the redirect from http to https.

< ?php function redirectTohttps() { if($_SERVER['HTTPS']!=”on”) { $redirect= “https://”.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];header(“Location:$redirect”); } } ?>

First of all, you should know that SSL must be installed in the server. To redirect the browser to “https” , we must know that the site is using SSL or not at the moment. And for this, there is a server variable in PHP called “HTTPS”. $_SERVER[‘HTTPS’] returns “on” values when the site is using SSL connection

Redirection option 3: HTML meta tag

This method is not the most perfect one but you can use it if you are not able to use the “mod rewrite”.Please add the following code to your header

< meta http-equiv="Refresh" content="0;URL=" />

Make sure the original site (the one with SSL encryption) is listening only on port 443 for the IP address you’ve assigned to it. Now create a separate site using that same IP address, and make sure it only listens on port 80. Create a single file at the root level and call it default.htm or default.asp. If you want to use HTML, then use a meta refresh tag.


Please enter your comment!
Please enter your name here