HTTPS / SSL Secure Webpage Connection

I’ve given in and have now made my (and other) sites HTTPS compliant. This was prompted mainly by Packwebhosting who appear to have given their customers a free SSL Cert, nice one Paul 🙂 That was the first hurdle, the rest was stumbling around trying to get rid of the “Mixed content” error on the padlock (its green when using Firefox but had an orange blob and a message advising that the site wasn’t really secure).

Baring in mind that I’m not a code head and doing stuff like this is always a stumble job but that could also be due to the red wine 🙂 I trawled the Web for info and found 2 very good articles, which helped lift the fog, there was another site that I forgot to bookmark but I grabbed a bit of code for .htaccess, thanks guys.



I recommend having a read through the articles but in a nutshell, here are the things you need to do.

  1. Log in as Admin on your WP site and go to settings > General and amend the site info to https instead of http
  2. Amend .htaccess to include:-
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    This is usually at the bottom, or the section that has the line #Begin WordPress.
    Make sure you backup the .htaccess file first because there be dragons in there 🙂
  3. Now the fun begins! You need to get rid of anything on your webpages that refers to “http” instead of https.
    UPDATE June 2018 – just use the WP plugin “Really Simple SSL” , it works brilliantly.
    Most cases it will probably be where you have images with an “absolute ref” e.g. src=”name of website/folder/filename”. Make it a “Relative ref” by removing the website details, so you would now have src=”/folder/filename”. That may be all you need to do but you’ll need to check each page!
  4. Where you have links to other Webpages/sites, remove the http bit and colon and just leave the 2 forward slashes. e.g. “//websitename”. This allows the link to work and and will connect to the site is using – http or https.
  5. Hopefully you should now have a fully https compliant site, it’s a bit of a pain editing each page but hey ho. In my case I use a shared hosting facility so most of the changes had to be done in WP admin. If you have dedicated server, you might be able to use grep and other black magic to make it easier 🙂

Have fun

Comments are closed, but trackbacks and pingbacks are open.