How To Update Your WordPress Site From HTTP To HTTPS Easy & Free

Gone are the days when you had to pay to get your site from HTTP to HTTPS and it’s all to a nice thing called Let’s Encrypt and without making things seem too complicated here are the steps that I’ve used to get things up and running.

Step 1: Add Let’s Encrypt

Assuming your hosting provider supports Let’s Encrypt add it to your domain(s). I use Dreamhost and it was easy: From the Main Panel–>”Secure Hosting”–>then under Add a new SSL certificate find Let’s Encrypt SSL and click “Add.” Then, under Add a Let’s Encrypt SSL Certificate choose a domain. In the Include a Unique IP make sure No thanks, I’m good is checked. Agree to the terms of service. And that’s it.

If you don’t have Dreamhost and are looking to switch please click here on my affiliate link to get $50 dollars off Dreamhost Shared Hosting Plan Plus 1 Free Domain Name for a year.


More on adding Let’s Encrypt with Dreamhost:

https://help.dreamhost.com/hc/en-us/articles/216539548-How-do-I-add-a-free-Let-s-Encrypt-certificate-


For Instructions With BlueHost:

https://www.garthmortensen.com/letsencrypt-on-bluehost-shared/


For Instructions With GoDaddy:

https://isabelcastillo.com/lets-encrypt-ssl-certificate-godaddy-shared-cpanel
https://www.godaddy.com/help/install-a-lets-encrypt-ssl-apache-20245

Step 2: Update URLs in WordPress Dashboard

Next update your urls by going to your WordPress Dashboard –> “settings” –> “general” and update the “WordPress Address (URL)” and “Site Address (URL)” from HTTP to HTTPS.

Step 3: Install & Activate Really Simple SSL Plugin

By now you’re probably thinking that you’ve done something wrong because you’re still seeing identity warnings & not seeing the SSL lock on your site. No worries it’s because you still need to install and activate a plugin called Really Simple SSL that does a bunch of things like adding things to your .htaccess file (i.e. 301 redirects). Anyway, this should remove the unsecured site warnings.

Read more about Really Simple SSL & 301 Redirects:

https://really-simple-ssl.com/knowledge-base/does-the-plugin-do-a-seo-friendly-301-redirect-in-the-htaccess/

Step 4: Enable HTTP Strict Transport Security/HSTS

To enable HSTS copy-paste the following code into your functions.php file.

Step 5: Don’t Forget To Update Google Analytics & Other Stuff

Don’t forget to update from http to https on Google Analytics (from the home page go to –>”Admin”–>”Property Settings”–>”Default Url”). Also, I’ve added a new site to my webmaster tools (i.e. I now have both http://www.mysite.com and https://www.mysite.com). That’s it.

If you have anything to add or if you would like to share your thoughts about this post please do so by commenting below. Thanks!

Other resources:

To check your certificate: https://www.websiteplanet.com/webtools/ssl-checker/

https://wordpress.org/plugins/really-simple-ssl/faq/

PLEASE SHARE YOUR THOUGHTS BY COMMENTING BELOW

Post Author: Chad

A Nobody Just Trying to Figure Things Out.

Leave a Reply

Your email address will not be published.