After your SSL certificate is installed on your cPanel (Linux) hosting account, there are some modifications you'll need to make to your .htaccess
file to automatically redirect your visitors to an HTTPS version of your website.
Note: These instructions don't apply to Managed WordPress accounts with an SSL certificate. The HTTPS redirect is automatically enabled after the SSL certificate install finishes on a Managed WordPress account.
- Log into your WordPress Dashboard.
- Hover over Settings on the left navigation panel, then click General.
- Locate the following fields on the new page:
- WordPress Address (URL)
- Site Address (URL)
- In each field, update your URLs to include https instead of http.
- For example, http://coolexample.com would become https://coolexample.com.
- Scroll down to the bottom of the page and click Save Changes.
- Open your current
.htaccess
file in the/public_html/
folder with the cPanel file manager for editing. - Insert the following code at the top of your
.htaccess
file:
# BEGIN GD-SSL <IfModule mod_rewrite.c> Options +FollowSymLinks RewriteEngine On RewriteCond %{HTTPS} !=on RewriteCond %{HTTP_USER_AGENT} ^(.+)$ RewriteCond %{SERVER_NAME} ^coolexample\.com$ [OR] RewriteCond %{SERVER_NAME} ^www\.coolexample\.com$ RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L] Header add Strict-Transport-Security "max-age=300" </IfModule> # END GD-SSL # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress
- Click Save Changes at the top-right corner of the screen.