Things to check on your WordPress site when moving to SSL

2 min read

Looking for a Webflow expert? Get an instant estimate today.

Instant Estimate
Jonny Pathan

As the rise in SSL usage continues, we thought we’d put together a quick guide on things to check when making the jump.

Let’s jump straight in!

Please note: This guide is for websites using WordPress. Assuming you have a certificate already, and it’s installed on your current web hosting.

1. Update your site URL

If you want to use HTTPS everywhere on your site, then you’ll need to update your site URL. You can do this by going to Settings » General and updating both your WordPress and site URL address fields.

Screenshot of General Settings
Screenshot of general settings

In some instances, such as updating an existing site, you’ll need to modify your .htaccess file to set up a redirect from HTTP to HTTPS. You can do this by editing/adding the following code snippet in your .htaccess file:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$$1 [R,L]

Don’t forget to replace with your site URL!

2. Avoid the Mixed-Content warning

You may have applied the above, and noticed that on some pages of your website, you’re still not getting the green padlock:

Watb SSL https certificate example

Most of the time, this is due to something called “mixed–content”. Mixed content occurs when a webpage containing a combination of both secure (HTTPS) and non-secure (HTTP) content is being delivered over SSL. This might be because you’re loading in external content such as a set of fonts, or an image from another website. You’ll need to make sure the paths you’re linking out to in order to load content are using HTTPS in the url.If you feel uneasy about this, fear not! There is a plugin which can handle it for you aptly named SSL insecure content fixer – Always make sure to backup your database, and files before installing plugins.

3. If you haven’t got an SSL Certificate yet

You’re in luck, most hosting providers nowadays support the usage of Let’s Encrypt

Lets Encrypt Logo

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).