WordPress HTTPS Redirect – A Quick and Easy Guide

Setting up a WordPress HTTPS Redirect.

In a previous post, I explained how I set up a free Let’s Encrypt SSL certificate on a GoDaddy hosted WordPress site. In this post, I’ll show how to quickly configure an HTTP to HTTPS redirect so visitors always browse a secure site.

When setting up Let’s Encrypt as outlined in my previous post, if all works well, browsing the site using HTTPS works fine. However, HTTPS has to be explicitly provided in the URL by a visitor. Most (if not all visitors) are likely going to just enter the website name which will default to HTTP. To redirect to HTTPS, the .htaccess (as one option) file can be modified. While I mention WordPress in this post, this solution can essentially be used as a redirect method for any type of HTTP site.

I’ve seen a few variations via multiple searches and chose to use this version of code at the beginning of my own .htaccess file. Doing so redirects any visitor who uses HTTP to be automatically redirected to HTTPS – and uses a 301 (permanent) for the redirect. I chose a 301 redirect over a 302 (temporary) as my thought was that I’ll probably stick with HTTPS going forward. There’s a lot of good information on 301 vs 302 redirects to explain the difference. Here is a conversation at stackoverflow on the topic.

Obviously, you need to modify the URL for your own site in the example below. The .htaccess file can be found in your site’s root folder. I used the Filezilla client to gain access and edit the file.

Setting up a WordPress HTTPS Redirect via the .htaccess file:

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://tonymoreira.com/$1 [R=301,L]

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© Copyright MMXVIII Tony Moreira Dot Com