Once your SSL certificate is installed, you need to tell your website to always use https://. Visitors who type http:// or just your domain without https:// will be automatically redirected.
Method 1: Via cPanel (Easiest)
- Log in to cPanel.
- In the Domains section, click Domains.
- Find your domain and look for the 'Force HTTPS Redirect' toggle.
- Enable the toggle. HTTPS is now forced for that domain.
If this option is not available, use Method 2.
Method 2: Via .htaccess File
- Log in to cPanel and open File Manager.
- Navigate to your public_html folder.
- Look for a file named .htaccess. If you do not see it, click Settings at the top right of File Manager and tick Show Hidden Files.
- Right-click .htaccess and click Edit (or create a new file named .htaccess if it does not exist).
- Add these lines at the top of the file (before any existing content):
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
- Click Save.
- Test by opening your site with http:// in the browser — it should redirect to https://.
Important: Always make a backup of your .htaccess file before editing it. A mistake in .htaccess can make your entire website inaccessible.
Method 3: WordPress Sites — Using a Plugin
If your site runs WordPress, install the Really Simple SSL plugin. It forces HTTPS and fixes mixed content warnings with one click.
Note: If you are using Cloudflare, enable 'Always Use HTTPS' in your Cloudflare SSL settings instead of editing .htaccess.
