How to Move a WordPress Site from HTTP to HTTPS (SSL)

To move a WordPress site from HTTP to HTTPS (SSL), use the following steps:

  1. Make a backup of your WordPress site using the Softaculous App Installer in cPanel, and wait for the backup to complete.

  2. Sign in to the WordPress admin dashboard, then visit General Settings and change the WordPress Address and Site Address to both begin with https:// (note the presence of the ‘s’ after ‘http’).

    Typically, it is best to include the www. for normal domains, for example https://www.example.com, and omit the www. for subdomains, for example https://sub.example.com.

  3. If you have the LiteSpeed Cache plugin (recommended) installed, click LiteSpeed Cache in the left column, then click Purge All.

  4. Visit phpMyAdmin in your hosting account’s cPanel.

    Your cPanel access details are listed on the hosting account’s Info page in the Client Lounge.

  5. In the left-hand column, click the name of your WordPres site’s database.

    You can find the name of your WordPress site’s database in the wp-config.php file of your website.

  6. Click the SQL tab at the top.

  7. Run the following SQL statements to update instances of http:// found within posts (replace example.com below with your actual domain):

    UPDATE wp_comments SET comment_author_url = REPLACE(comment_author_url, "http://example.com", "https://www.example.com");

    UPDATE wp_comments SET comment_author_url = REPLACE(comment_author_url, "http://www.example.com", "https://www.example.com");

    UPDATE wp_comments SET comment_content = REPLACE(comment_content, "http://example.com", "https://www.example.com");

    UPDATE wp_comments SET comment_content = REPLACE(comment_content, "http://www.example.com", "https://www.example.com");

    UPDATE wp_commentmeta SET meta_value = REPLACE(meta_value, "http://example.com", "https://www.example.com");

    UPDATE wp_commentmeta SET meta_value = REPLACE(meta_value, "http://www.example.com", "https://www.example.com");

    UPDATE wp_links SET link_url = REPLACE(link_url, "http://example.com", "https://www.example.com");

    UPDATE wp_links SET link_url = REPLACE(link_url, "http://www.example.com", "https://www.example.com");

    UPDATE wp_options SET option_value = REPLACE(option_value, "http://example.com", "https://www.example.com");

    UPDATE wp_options SET option_value = REPLACE(option_value, "http://www.example.com", "https://www.example.com");

    UPDATE wp_posts SET guid = REPLACE(guid, "http://example.com", "https://www.example.com");

    UPDATE wp_posts SET guid = REPLACE(guid, "http://www.example.com", "https://www.example.com");

    UPDATE wp_posts SET pinged = REPLACE(pinged, "http://example.com", "https://www.example.com");

    UPDATE wp_posts SET pinged = REPLACE(pinged, "http://www.example.com", "https://www.example.com");

    UPDATE wp_posts SET post_content = REPLACE(post_content, "http://example.com", "https://www.example.com");

    UPDATE wp_posts SET post_content = REPLACE(post_content, "http://www.example.com", "https://www.example.com");

    UPDATE wp_postmeta SET meta_value = REPLACE(meta_value, "http://example.com", "https://www.example.com");

    UPDATE wp_postmeta SET meta_value = REPLACE(meta_value, "http://www.example.com", "https://www.example.com");

    UPDATE wp_users SET user_url = REPLACE(user_url, "http://example.com", "https://www.example.com");

    UPDATE wp_users SET user_url = REPLACE(user_url, "http://www.example.com", "https://www.example.com");
  8. Visit the various pages of your WordPress site via HTTPS to see if they’re loading correctly. If there are still HTTPS errors such as mixed-content errors, there may be embedded elements in your WordPress theme whose URLs have been hard-coded to begin with http://.

    To see if this is the case, check the .php files in the wp-content/themes/[your theme] folder for embedded elements (such as images, CSS, and JavaScript files) that have URLs that are hard-coded to begin with http://, and modify them to begin with https:// instead.

Your WordPress site should now be accessible via HTTPS, and a secure padlock logo should appear in your web browser when you visit your website.

Should you have any questions about making your WordPress site accessible via HTTPS, please feel free to open a Client Care ticket via the Client Lounge.