How To Move Your Website From HTTP to HTTPS

Despite the numerous benefits of HTTPS, many website owners have not switched there site from HTTP to HTTPS yet.

And the reason can be anything. But the main reason is...

...Website owners are confused about what actions are required to move their website from HTTP to HTTPS without any difficulties.

And this confusion is quite obvious...

But don't worry I will make things clear in this article just be with me and I promise you will get that green padlock in your website very easily.

Before we directly hop into the process it's really important for us to understand what HTTPS is and how important it is.

These days we share sensitive data like credit card details, login credential, email address and other details every day on the internet dozens of time.

To secure all those details HTTPS was developed by Netscape Corporation to allow authorization and secure transactions.

In simple language, HTTPS is a secure version of HTTP and its stands for "Hypertext Transfer Protocol Secure".

The HTTPS version uses SSL certificate to establish a secure connection between browser and server. That means any information that is exchanged is encrypted.

Encryption is the process which replaces plain text ( like password and credit card details ) with random alphanumeric text which is unreadable and will be very difficult to make sense if someone intercepts them.

That is why it's really important to move your site from HTTP to HTTPS as soon as possible.

encryption and decryption in https


Along with this benefit, Google has officially announced that SSL certificate will work as a ranking factor in their search result.

So it's a win-win situation for you if you get an SSL certificate for your website which will also improve your site SEO.

So let's get started...

1) Back up your website

Whenever you are making major changes to your site it's really essential to keep the backup of your entire website.

In case if something goes wrong (that we don't want to be) you can go back and restore your website easily.

I am using Updraft plus, one of the best plugins to backup my site automatically. You can give it a try (its free).

2) Buy SSL certificate

Getting and implementing an SSL certificate is not that difficult but how easy or difficult this process is going to be is totally depends on your host provider.

Why host provider?

Because only few host provider provides free Global SSL certificate (usually cost $50) and will do all the customization and implementation process to install SSL certificate on your behalf.

Fastcomet, the host I am using is fabulous and they are best. I mean along with hosting package they will provide you:

  • Free Domain name
  • Global SSL certificate
  • Let's encrypt SSL option
  • CDN
  • Private DNS
  • Best service
  • and much more with no extra cost to you

That is why it is bearing 9.5 rating out of 10. If your host provider does not offer a free Global SSL certificate like Fastcomet then you can ask them if they sell any third-party SSL certificate.

Once you purchase a Global SSL certificate, you will have to ask your host provider to install it on your server.

This is a pretty straight-forward process. Once they set up your certificate then you will have to do few changes to your WordPress website. That we will see in next step.

However, we do have an option of let's encrypt, a free open certificate that aims to provide SSL certificate to the general public.

lets encrypt

It's become so popular that some hosting company has already started offering built-in SSL set up right from there c-panel.

So you can also check with your host provider if they offer let's encrypt.

How to set up Free SSL with Let's Encrypt on Fastcomet

Fastcomet is one of the best hosting company that offers built-in integration of free SSL.

To get it simply go to the cPanel and scroll down to the security section. There you will have to click on Let's Encrypt icon.

fastcomet lets encrypt

Upon clicking you will be asked to choose the domain name where you want to install free SSL. Choose it wisely and click on ISSUE button next to it.

fastcomet ssl installation

Once it's finished you will see a success message.

That's all you have successfully install Let's Encrypt SSL to your WordPress website.

But wait a minute...

We have not done yet. We still have to do some customization on our WordPress website to use it.

There are two ways to do so...

  1. Set up each part manually ( technical knowledge required)
  2. Install Really simple SSL plugin ( It take cares of everything )

Really simple SSL plugin will automatically detect your SSL certificate and will do all the necessary set up for your website. In most cases, you will not have to make any changes. This plugin will fix all the set up what we do manually.

really simple ssl plugin

Anyways I will also take you through manual steps. If you feel that the below steps is too technical, just install Really Simple SSL and you are all set.

Here we go...

1) Add HTTPS to WordPress Admin area

This is the first place where we will make changes to secure our website. By securing back end you make sure that whenever a user logs in, their information is exchanged securely.

To do so open wp-config.php in your WordPress root folder and add below line of code.

define('FORCE_SSL_ADMIN', true);

Once you update the file its time to check if it works. For that login to your WordPress admin panel (backend) by adding HTTPS in the URL.

I mean instead of type If it works properly then you are all set and we will continue.

2) Change website address

A website without SSL certificate uses HTTP protocol and is not secured and looks like this:

Whereas a secured version of the site which uses SSL certificate looks like

This is what we are going to change. Without this step, you will not be using SSL and your site will not be ready to collect sensitive data.

Having said that let's see how we will achieve it:

First of all, go to WordPress admin area and click on Settings followed by General. There you have to update WordPress URL and Site URL with https. For reference check below screenshot.

how to update https in wordpress

3) Implement 301 redirects in .htaccess

If you are implementing SSL to your existing site then "301 redirects" is very important.

Implementing 301 redirects ensures that all the link which has already been shared on the internet with HTTP version will automatically redirect to the secure version of your website i.e HTTPS.

To do so add following code to your .htaccess files

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

If you are on NGINX server then you have to add below line of codes in your .htaccess files.

server {
listen 80;
return 301$request_uri;

That's it you are all set. Now all your visitors (including Google bots) will automatically land on your secured version of your WordPress website.

Now we have to do few additional setups. Basically, we will update our site environment.

1) Add site to webmaster tools

Since we have updated our site to HTTPS version so it's our duty to go to every webmaster tools and add the HTTPS version of our site as a new property.

For Google webmaster tools simple go to Google Search Console profile and click on "Add a Property"

https add a new property

A new pop up window will open, enter the URL of your website followed by HTTPS then click on "Add".

https add a new website

2) Update sitemap

Ideally, if you are using Yoast SEO plugin on your WordPress website then the sitemap will get updated automatically. However, it doesn't always work that way.

For that continue with Google Search console profile and follow the below steps (for reference see below screenshot):

  • Click on Crawl
  • Go to sitemap option
  • Once you click on sitemap you will get an option of Add/ Test sitemap, click on that
  • Paste sitemap_index.xml
  • Submit

https sitemap submission

The same process will go with Bing Webmaster Tools and Yandex Webmaster Tools.

3) Update Google analytics settings with HTTPS

If you have embedded Google Analytics in your WordPress website, then you need to update its settings with HTTPS. To do so follow the below steps:

  • Go to Google Analytics dashboard
  • Click on Admin
  • Go to Property settings
  • From "Default URL" drop-down choose https and save the changes.

https setup in google analytics

4) Misc updates
  • Update your canonical tags
  • Update any third party PPC URLs (AdWords, Bing Ads etc)
  • Update Email Marketing Tools (MailChimp, Aweber etc)
  • Update any other Tools
5) Test your site

So by now, we are all set now its time to test if everything works correctly.

For that go ahead to SSL shopper and SSL lab. Enter your domain name and check the result.

It will give you an overall score and details of your installed SSL certificate.


As you have noticed there is a lot that goes into an HTTP to HTTPS migration.

It may look very tough but if you follow this guide you will make your website secured which is the most important thing for any website owner.

Beside securing and gaining trustworthiness having an SSL certificate installed on your website improves your site speed and SEO.

I hope this guide helped you in installing and adding SSL certificate to your WordPress Website.

Share your experience in moving your website from HTTP to HTTPS in the comment section 🙂

Further Readings

pragati kumar sheel elegant espace


Enter your email below to get early access to my blog post and receive notifications in your inbox.

Get it now 🙂

Ebook for beginners

Absolutely free

Liked this guide?... Don't forget to share...!!
  • 14


  1. What a remarkable and clear guide on HTTPS. Thank you Pragati it really helped me a lot. I haven’t heard of Fastcomet. Is that really reliable hosting company??

  2. hello pragati

    I happy about the explanation , what a explanation of all of these it help me lot of my study and I accept you enter some new thing in these



Leave a Reply

Your email address will not be published. Required fields are marked *