We explain how you can quickly and easily convert your existing http, non-secure WordPress website to use https:// and be protected by an SSL certificate.
Before you use these steps you’ll need to ensure you have an SSL certificate. All Ecenica web hosting plans include Free Let’s Encrypt SSL Certificates which are pre-installed and ready for you to use.
We strongly recommend taking a backup of your WordPress website before making changes.
How to use a plugin to convert your WordPress site to use SSL
- Log in to your WordPress Dashboard
- Click Plugins > Add New
- Search for really simple ssl
- Click Install Now next next to the Really Simple SSL plugin by Rogier Lankhorst
- Click Activate
- Click Go ahead, activate SSL
How to manually edit your WordPress site to use SSL
If you don’t want to use an extra plugin and prefer to make the changes yourself manually then you can use these steps.
1. Configure WordPress site to work through https://
- Log in to cPanel.
- For help accessing your cPanel see Where do I log in to my hosting control panel
- Click WordPress Manager.
- Expand your website you want to convert to https://
- Update Website URL from http://www.yourdomain.com to https://www.yourdomain.com
- Click Save Site Info
2. Update hard-coded links
Next step is to fix any hard-coded links on your website which are using http:// and change these to https://.
- Log in to cPanel.
- For help accessing your cPanel see Where do I log in to my hosting control panel.
- Click Terminal
- Navigate to the directory your WordPress website is in. For example, for your primary domain it would be the public_html directory:
cd public_html
Addon domains would be under a different directory you chose when creating your addon domain.
cd addondomain.com
- Run the following command changing ‘youdomain.com’ to your own domain name. The ‘dry-run’ flag will not make changes.
wp search-replace 'http://www.yourdomain.com' 'https://www.yourdomain.com' --dry-run
- If you are happy, remove ‘dry-run’ to make the changes.
wp search-replace 'http://www.yourdomain.com' 'https://www.yourdomain.com'
3. Fix insecure items on your site
If you see an insecure or mixed content warnings when visiting your website over https://, it is typically due to CSS, JS or external links. You can look into what is causing the warnings using your web browser console.
- Google Chrome Console in Developer Tools
- FireFox Web Console or Firebug
- Internet Explorer F12 Developer Tools Console
- Safari Error Console
4. Force your website to be accessed only over https – (optional)
Follow the steps in our guide How to Force HTTPS Redirect in cPanel