- Check the web host for their SSL process or any special requirements
- Backup the entire web site
- Obtain the SSL certificate
- Choose one of these process for the configuration:
Choice 1 – Use the “Real Simple SSL” plugin. This plugin really works. Follow the directions, and it will take care of the site configuration. You will need to keep the plugin active to maintain the SSL configuration.
Choice 2 – Follow the directions below to manually configure the site.
- Perform site wide change for the WordPress URL:
- Login as Admin
- Go to Setting > General
- Change the Worpress Address and Site Address to be https
- At this point, you may need to re-login as admin.
- Using a data search and replace plugin, such as “Search and Replace“; search the posts, postmeta and options table for any possible remaining URLs that still might have http:. If external links, determine if https exists for that site (Do Not Change any GUID fields)
- If you are a pro, you can use WP-CLI search-replace
- Forward http: to https: For Apache web servers, add the following to the .htaccess file. This can go above the WordPress entry. Be sure NOT to change anything in the WordPress lines:
#BEGIN redirect for HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#END redirect
- Check external links
- It this point, if some pages are not showing complete secure, this could be a case of an external link not having an https:
- Check items such as: maps, images from other site, font-families, embedded code
- Perform tests
- To test the certificate:
- Qualys SSL Server Test
- Test the site for https compliance:
- JItBit SSL Page Scan
- Update webmaster tools, Google analytics are any other site analyzers to the HTTPS version of the site.
- Follow these instructions for updating.
Here are some other helpful site with detailed SSL instructions: