WordPress HTTP:// to HTTPS:// Quick Start Guide

This site may contain affiliate links, which means I may receive a commission for any purchases made through those links, at no extra cost to you. It's probably enough to buy me a lunch or two, but not enough for a couple of goats, which is disappointing, because goats are adorable. More info here.

This isn’t meant to be a comprehensive post on everything pertaining to moving a site from // to https://. Instead, this is more like the quick cheatsheet. This is basically the list of steps I use to move my small sites (all pages) from HTTP:// to https://.

There may be bumps in the road or special circumstances (especially for larger sites) that I don’t cover here. But if you just want the quick summary, this should work for you.

If you have more than one site, I recommend you start by moving the smallest, least popular site. This gives you the ability to test things out without worrying too much.

At the end of this WordPress HTTP:// TO HTTPS:// QUICK START GUIDE, I’ve provided a few resources that helped me think through this process. Note that none of them perfectly met my needs, so that’s why I wrote my own here. This is mostly a reminder for me! LOL.

HTTPS move


  1. Have host install SSL certificate for your domain.
  2. Go to https://yourdomain.com to see if it’s there, and if you have a green lock (you probably won’t have a green lock, so don’t worry at this point).
  3. Add the following to your wp-config file.
    define(‘FORCE_SSL_ADMIN’, true);
  4. Go to https://yourdomain.com/wp-admin and see if it works in the admin.
  5. Go to Settings > General and change the two urls there (WordPress address and site address) to https (Don’t freak out when WP kicks you out and makes you log back in. That’s normal.)
  6. Install and activate WP Force SSL plugin – https://wordpress.org/plugins/wp-force-ssl/ (If this plugin doesn’t work on your server, try adding the following lines to htacess, replacing yoursite.com with your actual domain, of course).RewriteCond %{SERVER_PORT} 80
    RewriteRule ^(.*)$ https://yoursite.com/$1 [R=301,L]
  7. Install and activate Search Regex plugin. Search for HTTP:// and replace all instances of it with //
  8. Run url through https://www.jitbit.com/sslcheck/ and especially https://www.whynopadlock.com/ if padlock is not green. Fix any problems. There are no shortcuts for this unfortunately. It may require digging into code. See next item.
  9. When checking for errant HTTP:// code, don’t forget to check in both theme settings and widgets
  10. Add https:// version to Google Webmaster Tools, er, Search Central
  11. Make sure rel=canonical is pointing to itself on the pages

Some hosts will install free SSL certificates. With luck, yours will too. If you need help with this, or would just like to have me handle it for you – perhaps even host your site for you – just get in touch.

Other Resources To Check When Moving A Self-Hosted WordPress Site To HTTPS://

Moving to HTTPS on WordPress

How to add HTTPS and SSL to WordPress

How to Add SSL and HTTPS in WordPress

WP Force SSL Plugin

John Mueller’s 13 FAQs for Moving to HTTPS