Table of Contents
Redirect my WordPress website to HTTPS for cPanel account
Updated Apr 9th, 2021 at 14:25 BST
After your SSL certificate is installed on your cPanel account, there are some modifications you'll need to make to your .htaccess file to automatically redirect your visitors to an HTTPS version of your WordPress website. Note: These instructions don't apply to Managed WordPress accounts with an SSL certificate. We'll take care of the HTTPS redirect automatically (after the certificate install is complete).
Log into your WordPress Dashboard. Hover over Settings on the left navigation panel, then click General. Locate the following fields on the new page:
WordPress Address (URL) Site Address (URL)
In each field, update your URLs to include https instead of http.
For example, http://coolexample.com would become https://coolexample.com.
Scroll down to the bottom of the page and click Save Changes.
Open your current .htaccess file in the /public_html/ folder with the cPanel file manager for editing. If you don't already have a .htaccess file, you'll need to create one.
Insert the following code at the top of your .htaccess file:
# BEGIN GD-SSL
IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_USER_AGENT} ^(.+)$
RewriteCond %{SERVER_NAME} ^coolexample\.com$ [OR]
RewriteCond %{SERVER_NAME} ^www\.coolexample\.com$
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
Header add Strict-Transport-Security "max-age=300"
/IfModule>
# END GD-SSL
# BEGIN WordPress
IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
/IfModule>
# END WordPress
Click Save Changes at the top-right corner of the screen.
More info: If you see any mixed content errors, you may need to perform a database find and replace.