HTTPS (Hypertext Transfer Protocol Secure) is the secure version of HTTP, the protocol over which data is sent between your browser and the website you are connected to.
By enforcing HTTPS, you can ensure that all communication between your website and visitors is secure, protecting sensitive information such as passwords, payment information, and personal data.
In this article, we will guide you through the process of redirecting all visitors to the HTTPS version of your website using SiteGround’s Enforce HTTPS tool.
There are two ways to do this, both of which involve activating SiteGround’s Enforce HTTPS tool:
- From within Site Tools
- From within the SG Optimizer plugin options within WordPress. The advantage of this method is that you can also activate their “Fix Insecure Content” option, which will automatically replace all HTTP links with HTTPS links.
Right, let’s get started.
This tutorial assumes the following:
That you have already created a website on SiteGround, such as WordPress.
That you have already installed an SSL certificate on your website. If you have not done so, follow our guide on how to install an SSL certificate on SiteGround here.
That being said, after installing your website at SiteGround, you should be automatically issued with a free wildcard Let’s Encrypt SSL certificate.
How to Enforce HTTPS at SiteGround within Site Tools
The first step is to log into your SiteGround Site Tools dashboard, which can be accessed via your SiteGround client area.
You can find details on how to do this in the following articles:
Following these steps, you’ll be on SiteGround’s Site Tools dashboard.
Once you have logged into your SiteGround Site Tools dashboard for your website, you will see a list of tools on the left-hand side of the screen.
Under the “Security” section, you will see the “HTTPS Enforce” link. Click this to continue.
You will now be on the HTTPS Enforce page.
To activate the HTTPS Enforce tool, toggle the button to the on position.
You should then see a notification confirming that the HTTPS Enforce tool has been activated.
And that’s it! You have successfully set all visitors to be redirected to the HTTPS version of your website.
How to Enforce HTTPS at SiteGround with the WordPress SG Optimizer Plugin
Another way to enforce HTTPS on your website is to activate the “HTTPS Enforce” option in your WordPress dashboard.
This has the added benefit of being able to set the “Fix Insecure Content” option. This will automatically replace all HTTP links with HTTPS links to avoid those annoying “mixed content” warnings.
The first step is to log into your WordPress Admin Area, which can be accessed directly, or via your SiteGround Site Tools dashboard.
- To log in directly, go to your website’s URL, followed by “/wp-admin”. For example, if your website is called “example.com”, you would go to “example.com/wp-admin”.
- To log in via Site Tools, go to your SiteGround Site Tools dashboard, and click on the “WordPress” link under the “Websites” section. Under “Install & Manage”, click on the login link in your website’s “Actions” column. See the screenshot below for an example.
Once you have logged into your WordPress admin area, click on the SG Optimizer link in the left-hand menu.
Then click on the Environment tab.
At the top of the page, toggle the HTTPS Enforce button to the on position. You will be logged out and will have to log back in again.
While you are there, we recommend also toggling the Fix Insecure Content button to the on position. This will automatically replace all HTTP links with HTTPS links to avoid those annoying “mixed content” warnings.
This tutorial shows how easy it is to enforce HTTPS on your website with SiteGround.