Your hosting comes with a SSL certificate and it will be installed after you purchase a hosting plan.
Forcing your site to load HTTPS be default
Even after you have added the SSL certificate to your site, visitors will not be able to use it unless they manually type in ‘https’ before your domain name. This defeats the purpose of adding it in the first place since the certificate is meant to protect all of your website traffic.
There are several ways to fix this. View the following article for instructions on how to create a configuration file to redirect all visitor traffic to the secure version of your URL (https). How to force your site to redirect to https (SSL)
Using SSL certificate with WordPress
Adding an SSL certificate to your WordPress site is an excellent first step towards securing your data. However, there are a few other steps you must take to fully ensure all links within your site point to the secure version of your domain name (This means the ‘HTTPS’ version).
Step 1: Add and activate an SSL certificate ( which we will do for you)
Step 2: Update database URLs.
Your WordPress database has several hard-coded URLs that point to the ‘http’ version of your domain. To update everything very quickly to ‘https’, use a plugin. This will change all internal URLs to use the new secure URL. View the following article for instructions on how to do this with a plugin: Changing your WordPress database URLs to https using a plugin
At this point all URLs in your database now point to ‘https’. You’ll be logged out after running the plugin above. Log back into your site again at the ‘https’ URL instead. For example: https://example.com
Step 3: Verify the Home and Site URL are updated
After running the plugin above, log into WordPress using the new secure HTTPS URL. https://example.com/wp-login.php Navigate to Settings -> General page. On the General page you should see your Home and Site URL now points to ‘https’.
Step 4: Update your wp-config.php file
- Log into your webserver via SSH or SFTP.
- Find the file named ‘wp-config.php’ in your WordPress site directory, and then open it in a text editor.
- Add the following two lines above the line that says /* That’s all, stop editing! Happy blogging. */:define(‘FORCE_SSL’, true); define(‘FORCE_SSL_ADMIN’,true);
Step 5: Force the URL to redirect to HTTPS
You can force your site to redirect from HTTP to HTTPS in two ways:
Step 6: Configuring Cloudflare with your SSL certificate
This section is only necessary if you have also added Cloudflare to your domain. If so, view the following article for information on how to configure it properly.