Forcing the use of SSL

Its very important to use SSL within your website as it guarantees a much greater level of security against potential online threats, most modern websites use SSL and most modern internet browsers (such as Google Chrome) will warn a potential visitor that the site they are about to enter does or doesn’t have a valid SSL certificate. Naturally if it is the case that a website doesn’t have a valid SSL certificate its highly likely that the potential visitor will choose not to enter the website in question. 

Your own website needs to be ‘forced’ into using SSL i.e. the process will not occur automatically and must be prompted. I have outlined some steps below which you will need to follow to ensure that your website will start to use SSL. The easier way to enforce SSL is to use the WordPress plugin ‘Really Simple SSL’, I have personally used this this puglin on many websites and have never encountered a problem.  You can follow an alternative method below: – 

Start by creating a .htaccess file in your public_html or webroot folder. Inside of the .htaccess file, you can use the following code to redirect visitors as long as you do not already have a .htaccess file set up:

RewriteCond %{HTTP_HOST} !^www\. [NC,OR]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L,NE]

Note this will ensure that all visitors go to https://www.YOURDOMAIN.COM

Its worth mentioning at this point that it us possible to use both methods mentioned above, this would be a ‘belt and braces’ approach to enforcing SSL protection.

If you need help please open a ticket with our hosting department and we will get back to you as soon as possible.

Powered by BetterDocs

Leave a Reply