When one start a blog with WordPress, there was a time when it was okay, probably a standard to use HTTP, as technology has continued to grow, so do the risks associated with it.
The major risk associated with using the HTTP protocol are hackers who can easily intercept and manipulate the communication between the user’s browser and a web server.
The increased growth of and dependence on the internet for both business and personal pleasure, has given hackers an excellent motivation to access critical data like Credit Card numbers, personal identity information, and more.
Though one cannot guarantee a 100% secure site, the least a website owner can do is make it hard for hackers to access privileged information.
Why Do You Need to Redirect HTTP to HTTPS in WordPress?
With an HTTPS connection, there is end-to-end encryption between your server and the website user’s browser.
Because of the sensitivity of the data transmitted online today, the use of a secure connection is becoming a requirement for websites.
Online users will not trust a website that is not using an HTTPS connection; the green padlock provides buyers assurance that the information they transmit across the internet is safe.
If you are, therefore, an online retailer or run a website that collects personal and sensitive data, you should have no excuse for not using a secure HTTPS connection on your website.
Secondly, search engines now consider HTTPS in their search rankings, Google, for instance, places websites using the HTTPS protocol for their websites ahead of the unsecured sites using HTTP in their search rankings (SERPs).
You have all the reasons to redirect your website’s traffic from HTTP to a more secure HTTPS connection.
What Does it Take to Redirect HTTP to HTTPS Traffic?
You need an SSL certificate.
Back in the day, the cost of the SSL certificates was quite high, that somehow held back several website owners.
However, that has changed; you can get a free SSL certificate today.
If your website is using the cPanel platform, then you can get AutoSSL provided for free by cPanel to all sites on its platform.
You may want to check with your host; I know a couple of hosts that don’t allow their clients to use it in preference for the SSL certificates they sell.
However, most of the top tier website hosting companies provide SSL certificates for free.
Besides AutoSSL, you can also use Let’s Encrypt, like AutoSSL it is also free and can be installed onto your server – this works fine with Amazon services in case you are hosting your WordPress website on Amazon.
So, you have no reason as to why you can not redirect HTTP to HTTPS since the cost barrier has been taken away.
The other barrier that plagued most people was it required some technical knowledge to install and also redirect HTTP to HTTPS.
Installing the certificate itself is still a bit technical, but most hosts do this for you for free if it is not already preinstalled.
Redirecting now from HTTP to HTTPS is simplified with the use of a free WordPress plugin – Really Simple SSL.
How to Redirect HTTP to HTTPS in WordPress with Really Simple SSL Plugin
If you are sure that your server has a certificate installed, you can go ahead and install the Really Simple SSL plugin.
Once it is installed and activated, head to Settings, and then click SSL.
On the configuration page, confirm that an SSL certificate is detected on your website, if it is, click the button, “Go ahead, activate SSL.”
It is vital that you only activate SSL when your site has a certificate already installed if it does not have one your site will break.
Remember your website prior uses HTTP, activating HTTPS, redirects all traffic, which means that if your website does not have HTTPS installed errors will be returned.
Fixing WordPress Mixed content error with Really Simple SSL plugin
When you activate SSL on your WordPress website, you may start seeing mixed content errors on browsers.
This happens because some of your assets, like scripts, or images, or uploads, are still using the old HTTP in their URLs.
In order, therefore, to fix this, you will need to force all traffic to use HTTPS.
With this plugin, all you need to do is go to the settings tab, then activate the Mixed content fixer by clicking the toggle button.
Don’t forget to save your settings.
That’s it, simple right?
Final Thoughts
Today no website should be using HTTP; we have hopefully justified the need to redirect HTTP to HTTPS traffic.
We have shown you how you can get the certificates for free.
Moreover, with the Really Simple SSL WordPress plugin, you can easily redirect HTTP to HTTPS traffic of your website.
That’s not complicated. Is it?
It should be worth noting that, if you are already using a security plugin like iThemes security, chance is that that plugin already has a feature to redirect HTTP to HTTPS.
Try out Really Simple SSL and share with us your feedback. If you are using any other plugin, we would love to also know about it.
To learn how to secure your WordPress site, follow our ultimate guide on WordPress security.