How to Redirect a WordPress Website from HTTP to HTTPS

Migrating your WordPress website from HTTP to HTTPS is an essential step for improving security, increasing trust, and boosting your SEO rankings. However, simply installing an SSL certificate is not enough — you must also set up a proper redirect so that all visitors automatically land on the secure version of your site.

This guide explains step-by-step how to correctly redirect your WordPress site from http:// to https://.

1. Make Sure Your SSL Certificate Is Installed

Before you set up redirects, confirm that your SSL certificate is properly installed by accessing:

https://yourdomain.com

If the site loads without errors, you’re ready to continue.

If not, contact your hosting provider or check your SSL settings.

2. Update WordPress and Site Address URLs

In your WordPress dashboard:

Go to Settings → General
Update these fields:
- WordPress Address (URL): https://yourdomain.com
- Site Address (URL): https://yourdomain.com
Save changes

This tells WordPress to use HTTPS by default.

3. Add Redirect Rules in the .htaccess File (Apache Servers)

If your hosting uses Apache (most shared hostings do), you can set up a redirect via the .htaccess file in the root folder of your WordPress site.

Add the following code at the top of .htaccess:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

This forces all incoming HTTP requests to redirect to HTTPS with a permanent 301 redirect.

4. Redirect via NGINX Configuration (NGINX Servers)

If your server uses NGINX, you need to modify your site configuration file:

server {
    listen 80;
    server_name yourdomain.com www.yourdomain.com;
    return 301 https://$server_name$request_uri;
}

Then reload NGINX:

sudo systemctl reload nginx

5. Update Hardcoded URLs

Even with redirects, some content may still load over HTTP.

To fix this:

Option 1: Use a Plugin

Install a plugin like:

Really Simple SSL
Better Search Replace

These tools automatically detect and replace insecure links.

Option 2: Replace manually

Use “Better Search Replace” to change:

http://yourdomain.com
to
https://yourdomain.com

inside your database.

6. Mixed Content Check

To ensure everything is loading over HTTPS:

Use online tools like:

Why No Padlock
SSL Labs
Chrome DevTools (Security tab)

This helps identify images, scripts, or styles that still use HTTP.

7. Test Your Redirects

Finally, test your site:

Type http://yourdomain.com → it should redirect to HTTPS
Test internal pages
Test mobile and desktop views

If everything automatically redirects, your HTTPS setup is complete.

Conclusion

Redirecting a WordPress site from HTTP to HTTPS is straightforward once your SSL certificate is installed. The essential steps include updating WordPress settings, configuring redirect rules on the server, and fixing any mixed content issues.

A proper HTTPS setup:

Improves security
Builds trust with visitors
Boosts SEO rankings
Ensures compatibility with modern browsers

With the steps above, your WordPress site will be fully switched to secure browsing.