You need users to trust the security of your website. You need the search engines to trust your site as well. That means learning how to switch from HTTP to HTTPS. In the past, using the HTTPS protocol on your site was a mere suggestion. We’ve known it to offer a more protective environment for users and site owners, yet browsers only gave a slight indicator to distinguish between HTTP and HTTPS.
That has changed. Most major browsers display a warning that “the connection to this site is not secure” when the site lacks HTTPS security. Search engines even discount sites without HTTPS. As a result, fewer eyes end up on your website, and when people visit your site, they get a rather unsettling message suggesting they turn around.
Our previous guide on the difference between HTTP and HTTPS explains how HTTPS encrypts data transfers on your site. It talks about how search engines, browsers, and the internet community have worked to push site owners to use the protocol. If you’re still stuck with HTTP, now’s the time to make the move. I’ll walk you through the steps on how to switch from HTTP to HTTPS with ease.
Table of Contents
Before You Do Anything
- Make a backup of your website using a plugin like SolidWP or through your webhost
- Check if your website already has an SSL certificate installed; many hosts automatically install an SSL certificate – verify this by looking at the browser address bar for a padlock icon and “HTTPS” before your domain name
Step 1: Install an SSL Certificate (Free or Paid)
To switch from HTTP to HTTPS, you must add an SSL (secure sockets layer) certificate to your website.
An SSL certificate:
- Encrypts all data transferred over your site
- Shows verification of the site owner, creating an extra level of trust
- Adds the “S” to the end of the HTTP part of your domain to make it HTTPS
- Implements visual cues for users to see the site’s security, like a padlock in the browser’s address bar
- Removes any browser warnings about an insecure website
You have several methods to install an SSL certificate on your site. Here are the easiest options:
- Install an SSL certificate through your webhost
- Use a WordPress plugin to install an SSL certificate
You can also install an SSL certificate manually (through cPanel) or via a web server; both options make the process more tedious than it should be, so we don’t recommend them.
Method 1: Install an SSL Through Your Webhost
Always turn to your webhost before seeking any other method for installing an SSL certificate. Most reputable hosting companies offer free SSL certificates for the first year. Sometimes you just have to activate the SSL – other times it’s done automatically.
Below, we show how to install an SSL certificate (to switch from HTTP to HTTPS) with some of the most popular webhosts. Another option is to talk with your host’s customer support.
Install an SSL Certificate with Bluehost
- In the Bluehost Account Manager, go to Security > Security Products > Single Domain SSL.
- This should show that your site has an active SSL. To verify, go to Hosting > Manage (for the desired website) > Security.
- If you see an “In Progress” label, request an email to complete setting up your SSL.
You can also manually switch from HTTP to HTTPS with a self-signed certificate by going to Hosting > cPanel > SSL/TLS.
Install an SSL Certificate with SiteGround
- In the SiteGround Site Tools area, go to Security > SSL Manager > Install New SSL.
- Pick your desired domain.
- Click Let’s Encrypt.
- Click the Get button.
The SiteGround dashboard also has options to import an external SSL certificate and install a premium Wildcard SSL.
Install an SSL Certificate with Kinsta
- In the Kinsta dashboard, choose your website.
- Go to Domains.
- Scroll over the Lock icon to see if the Cloudflare SSL is already installed.
Kinsta automatically activates a Cloudflare SSL for its users, so you shouldn’t have to manually switch from HTTP to HTTPS. You also have the option to add a custom SSL.
Install an SSL Certificate with HostGator
- In the Customer Portal, go to Websites > Settings > Security.
- You should see an Active status for the SSL.
- If the SSL is Not Active, click the three dots icon and choose View SSL Logs.
- Pick a domain and click Run AutoSSL.
Method 2: Install an SSL with a WordPress Plugin
If your hosting plan lacks a free SSL certificate, you can install an SSL certificate with a free WordPress plugin.
Begin by installing and activating the Really Simple SSL plugin to switch from HTTP to HTTPS.
After installation, the plugin brings you to the setup page at Settings > SSL & Security.
The plugin tells you if the website has an SSL certificate installed. If not, click Activate SSL.
Walk through the remaining prompts until it shows an active SSL certificate.
View the frontend of your website to see “https://” before your site’s URL. You’ve successfully changed from HTTP to HTTPS!
Step 2: Activate 301 Redirects
If a user goes to the older HTTP version of your site, they may receive an error or land on the less secure website. Therefore, you need to redirect users to the new HTTPS URLs.
By adding an SSL with the Really Simple SSL plugin it activates an automated WordPress 301 redirect for all pages.
You also have the option to turn on a “301 .htaccess redirect.” This version redirects pages faster, but it requires FTP (file transfer protocol) knowledge to access your website in case a rare redirect loop locks you out of the site. In short, we only recommend an .htaccess 301 redirect for users with that knowledge.
In the Really Simple SSL plugin, go to Settings > SSL & Security and click View next to “WordPress 301 redirect enabled.”
Pick your desired Redirect Method. Again, we recommend the 301 PHP Redirect unless you have FTP knowledge; in that case, choose the 301 .htaccess redirect.
Additional Steps to Take After You Switch from HTTP to HTTPS
- Switch from HTTP to HTTPS for your WordPress Address by going to Settings > General. If the SSL addition hasn’t already changed it, add “https://” to the beginning of your WordPress Address and Site Address.
- Use a plugin like BetterSearchReplace to switch from HTTP to HTTPS in your site’s database. Go to Tools, then type the HTTP URL in the Search For field. Type in the new HTTPS version in the Replace With field. Use the Run Search/Replace button to replace all the old HTTP URLs listed in the database.
- Tell Google about the HTTP to HTTPS change by modifying your URL on the website’s sitemap, in Google Search Console, and in Google Analytics.
Our Final Thoughts on How to Switch from HTTP to HTTPS
You can always bring your own SSL certificate, or buy a premium version, to switch from HTTP to HTTPS on your site, but we recommend forgoing the more complicated routes. For one, hosting companies and website builders often provide a free, automatically activated SSL certificate. If that’s not the case, use a free plugin like Really Simple SSL to add HTTPS.
If you have questions about how to switch from HTTP to HTTPS, let us know in the comments!