How to force WordPress to use SSL – TechRepublic

If you have WordPress sites refusing to work with your SSL certificates, Jack Wallen has a quick fix to show you.
Recently, I realized my professional site hadn’t been using SSL for some time. This was an oversight on my part—one that I had to rectify. After all, people could purchase items from the site, and without SSL, those purchases couldn’t exactly be trusted.
I had to set out to change this. 
My site uses WordPress from, not Instead, I install the framework manually, so I have more control over it. By doing this, everything is on me to manage and fix. Although the third-party host I use employs SSL certificates, my WordPress site was still displaying the warning that it wasn’t secure. I checked the certificates and everything was good to go. The problem was with WordPress.
Fortunately, it didn’t take me long to get SSL back up and working with WordPress. I’m going to show you how I did it.
SEE: Security incident response policy (TechRepublic Premium)
The plugin we’ll be using is called Really Simple SSL. The name is apropos, as this plugin does make setting up SSL quite simple.
Log in to your WordPress admin section and go to Plugins. Click Add New and then search for Really Simple SSL. Click the Install Now button associated with the plugin (Figure A).
Figure A
Installing the Really Simple SSL plugin for WordPress.
After the installation completes, click Activate Now (Figure B).
Figure B
Now that Really Simple SSL is installed, you can activate it.
After activating Really Simple SSL, click Plugins from the left navigation and then the Settings link associated with Really Simple SSL (Figure C).
Figure C
The Really Simple SSL entry in the WordPress Plugins page.
There’s very little you need to do at this point because the Really Simple SSL takes care of everything. For my site, the only thing I had to do was enable the WordPress 301 redirect (Figure D).
Figure D
Enabling the WordPress 301 redirect feature.
This feature redirects all requests over HTTP to HTTPS using a PHP 301 redirect. You use this if the .htaccess redirect cannot be used on NGINX servers.
Point your browser to https://DOMAIN (where DOMAIN is the domain of your WordPress site) and you should now see the lock to the left of the address. Congratulations, you have SSL enabled for your WordPress site. 
Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.
Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays

Jack Wallen is an award-winning writer for TechRepublic, The New Stack, and Linux New Media. He’s covered a variety of topics for over twenty years and is an avid promoter of open source. For more news about Jack Wallen, visit his website jackwallen….
Quick glossary: Metaverse
OneDrive Cloud Usage Policy
iCloud Usage Policy
Oracle Linux checklist: What to do after installation


Leave a Reply

Your email address will not be published. Required fields are marked *