SSL is a certificate which replaces the normal HTTP tunnel into a secured one. Thus, the data flowing through the tunnel is encrypted in order to stay secure.

Other than the security benefits for your WordPress website, having an SSL certificate can actually boost the organic ranking. Of course, a search engine ranking depends on multiple factors, but Google has made it official that secured websites will be given priority.

An official word from Google is enough to get a clear understanding of their motive. They want more and more websites to use secured protocols so that the user’s data is protected and they are given an even better experience.

However, it is not mandatory to get onboard. Still, the added benefits and the security layer itself are enough to get in.

Judging from the fact you’re reading all this, you’ve already made the decision to go with SSL. So, let’s jump into the tutorial part and learn how to add SSL and HTTPs in WordPress.

What are HTTPs and SSL?

HTTP is a protocol which is responsible for transferring files from one server to another. It’s the core of internet and works as a transport medium.

The default HTTP simply cares about transporting of files from one server to another, without worrying about their security or privacy elements.


HTTPs on the other side first encrypts the file at end A, sends it through a secured channel, and then decrypts the file at end B. This is how the files are transferred safely and there are lesser chances of getting them hacked or leaked.

SSL is the standard set by the authorities which takes care of encryption and decryption. Its whole purpose is to keep the data transferred securely.


Almost every WordPress hosting provider, from Shared to VIP, is compatible with the SSL. Most of them are even offering free SSL in their plans, while others allow third-party installation.

The first thing to do is to check with the host. If they are offering a free SSL, then all you have to do, is to tell them to install.

If they are not offering a free one, then ask if they charge for it. Most of them can install and provide SSL certificate at an additional charge.

Now, the third case is that you buy an SSL certificate from third-party providers and then ask your host to install it.

For the webmaster, the requirements, in this case, are very few to be worried of, as most of the things are taken care by the hosting provider.

How to Add SSL and HTTPs in WordPress?

Step 1 – First thing is to replace the code in .htaccess file with the following. Make sure you replace ‘mysite’ with your domain!


RewriteEngine On

RewriteCond %{SERVER_PORT} 80

RewriteRule ^(.*)$$1 [R,L]


Step 2 – Now, open the wp-config.php file and right above “that’s all, stop editing!” line, add following code.

define(‘FORCE_SSL_ADMIN’, true);

Step 3 – Now, go to the General Settings inside Dashboard and replace WordPress Address and Site Address with the HTTPs URL.


Note – These three steps will configure and implement HTTPs and SSL in WordPress website. However, the settings will be global, so all the webpages will have these effects. In order to implement these effects on specific pages, while keeping certain exclusive, you can go through following steps.

Step 4 – Visit the Plugin option and add a new one named ‘WordPress HTTPS (SSL).’ Installing and activating it is similar to any other plugin you’ve installed earlier.

Step 5 – Now, open the configuration part added by this plugin where you can put a custom configuration. Entering SSL host and Port details is the first thing to do.


Step 6 – Now, enable Force SSL Administration option, which will enable SSL mode to every admin related webpages. It is important to keep this option on.

Step 7 – Now, you need to enable the third option which will work as a filter. It will filter out the webpages, not meant to be using SSL and they will open with the normal HTTP mode.


Step 8 – You can simply click on Save Settings button at the bottom now. Before publishing a Post or Page, which is meant to use SSL, you have to hit the checkbox which configures SSL on to the same. These webpages will be included for HTTPs, leaving the rest with the non-secure HTTP mode.

All done! Before you leave everything on the automation, kindly check, at least, the important and popular webpages of your website. You should try opening them in two-three different web browsers, one of them being Chrome, considering its popularity.

If everything is working fine, then the configuration was successful. If not, you’ve to cross-check everything and find out the step you’ve missed!


Best WordPress SSL Plugin?

Really Simple SSL

As the name suggests really simple SSL plugin aids you in migrating your none secure site over to be secured version. You simply install your SSL certificate then activate the plugin, click enable SSL, hey presto all if not most your mixed content issues should be resolved with the click of a button. We use this plugin to help clear up any hardcoded links that are within the theme or plugin of an unsecured URL to force the secured version.


Final words

Now you’re aware of the reasons to add HTTPs and use SSL certificate on a WordPress website and how exactly to do it. Does it look easy to you?

More To Explore