Share this post:

How to enable SSL on your WordPress website

Wordpress 2w

Use our simple steps to ensure you are protecting your customer data.  If you are starting a new WordPress website or reaching a point of growth with your existing website that requires you to install an SSL certificate there are a number of steps required to ensure smooth execution.

Just follow our process below to ensure you have implemented the next level of data security for your business. 

Firstly, what is SSL?
SSL is a method of encryption that protects the data between the end user (visitor) of your website, and the server that holds your website and serves it to the visitor.

SSL works by encrypting data using RSA key pairs and makes all data indecipherable between point A and point B. This is vitally important when capturing personal data and/or financial information (if you run an ecommerce site).

Having SSL also increases your trust rating with Google and other companies that influence your rankings on the internet.

This guide presumes that you do not have the help of a web developer or agency and are looking to complete these steps yourself.

First and foremost you need to update the URL in WordPress general settings. You can do this by going to Settings » General and updating your WordPress and site URL address fields.

Screen Shot 2016-05-10 at 2.45.36 PM

Now if you’re adding SSL to your existing site, then you need to setup WordPress SSL redirect from HTTP to HTTPS.

You can do this by adding the following code in your .htaccess file:

1. <IfModule mod_rewrite.c>

2. RewriteEngine On

3. RewriteCond %{SERVER_PORT} 80

4. RewriteRule ^(.*)$$1 [R,L]

5. </IfModule>

Don’t forget to replace with your site URL.

If you are on nginx servers (most users are not), you would add the following to redirect from HTTP to HTTPS:

6. server {

7. listen 80;

8. server_name;

9. return 301$request_uri;

10. }

By following these steps, you will avoid the WordPress HTTPS not working error because all your site URL and content will be on SSL.

If you want to add SSL and HTTPS on your WordPress multi-site admin area or login pages, then you need to configure SSL in wp-config.php file.

Simply add the following code above the “That’s all, stop editing!” line in your wp-config.php file:

– define(‘FORCE_SSL_ADMIN’, true);

This wp-config.php SSL trick works for single sites as well as multi-sites.

Now if you only want to add HTTPS and SSL on specific pages of your site, then you would need the plugin called WordPress HTTPS (SSL).

The first thing you need to do is install and activate the WordPress HTTPS (SSL) plugin. Upon activation, the plugin will add a new menu item labeled HTTPS in your WordPress admin. You can click it to visit the plugin’s settings page.

Screen Shot 2016-05-10 at 2.42.42 PM

The first option of the settings page asks you to enter your SSL host. This is more often than not your domain name. However, if you are configuring the site on a subdomain and the SSL certificate you got is for your main domain name, then you will enter the root domain.

If you are using a shared SSL certificate provided by your web host, then you will need to enter the host information they provided instead of your domain name.

In some cases if you are using a non-traditional SSL host and need to use a different port, then you can add it in the port field.

Force SSL Administration setting forces WordPress to use HTTPs on all admin area pages. You need to check this box to make sure that all traffic to your WordPress admin area is secure.

The next option is to use Force SSL Exclusively. Checking this box will only use SSL on pages where you have checked the Force SSL option. All other traffic will go to the normal HTTP url.

This works if you only want to use SSL on specific pages like shopping cart, checkout, user account pages, etc.

Click on the save changes button to store your plugin settings.

If you want to use HTTPS just for specific pages, then you need to edit those pages and check the Force SSL checkbox.

Screen Shot 2016-05-10 at 2.44.10 PM

Once done, visit your page to ensure that you have all green light in Chrome, Firefox and other major browsers.

It is crucial when running a business that your data remains secure. Follow these steps and keep both your personal data and customer data safe. 

About Scott Brown

Scott Brown manages our tech hub here at The Entourage. He's responsible for the development of our website and technological innovation. Scott started coding when he was 14 years old and has worked with big brands like McDonalds previously.

Share this post:

No comments



  • The largest event for Entrepreneurs in Australia and New Zealand

  • Topics

  • Social

  • twitterlinkedinrss