WP Force SSL helps you redirect insecure HTTP traffic to secure HTTPS and fix SSL errors without touching any code. Activate Force SSL and everything will be set and SSL enabled. The entire site will move to HTTPS using your SSL certificate. It works with any SSL certificate. It can be free SSL certificate from Let’s Encrypt or a paid SSL certificate.
How to add SSL & enable SSL? Most hosting companies ’support the free SSL certificate from Let’s Encrypt, so login to your hosting panel and add SSL certificate. You’ll see a button labeled “Add SSL Certificate” or “Add Let’s Encrypt Certificate” and after that it’s 1 click to have the SSL enabled on your site with WP Force SSL. If that doesn’t work get WP Force SSL PRO and it’ll generate free SSL certificate for your site. And will regenerate SSL certificate every 90 days.
Access WP Force SSL settings via the main Settings menu -> WP Force SSL.
SSL Tests available in the plugin
- is site on localhost?
- check SSL certificate
- check SSL certificate expiry date
- is latest version of Force SSL used?
- are known incompatible SSL plugins active?
- is WP address URL set for SSL?
- is WP home URL set for SSL?
- is SSL monitoring enabled (pro feature)
- is HTTPS redirection working?
- is file redirection working (pro feature)
- is HSTS enabled?
- check mixed-content is’sue (pro feature)
- is htaccess available & writable?
- is 404 redirection enabled (pro feature)
- redirect HTTP to HTTPS
- fix mixed-content (pro)
- enable HSTS
- force secure cookies (pro)
- cross-site scripting protection (pro)
- expect CT header
- X-Frame options
- show WP Force SSL menu in admin bar
- show WP Force SSL widget in admin dashboard
SSL certificate testing tool
WP Force SSL comes with an SSL certificate testing tool. It tests if the SSL certificate is valid, properly installed & up-to date.
We’re here for you! Things get frustrating when they don’t work so make ’sure you open a ’support topic in the official Force SSL forum. We answer all questions within a few hours!
A big thank you to SweetAlert2 authors which we use to make alerts nicer. And to DepositPhotos for the lovely header image.
- Open Plugins – Add New in WP admin and search for “WP Force SSL”
- Install and activate the plugin
- Open plugin settings via Settings – WP Force SSL
- Check provided tests and settings
Who is this plugin for?
For anyone who has an SSL certificate installed on their site and wants to be ’sure all content is accessed (and redirected if needed) via a secure connection.
Do I need an SSL certificate for this to work?
Yes, you do need an SSL certificate. If you don’t have one you can buy WP Force SSL PRO which will generate an SSL certificate for free.
After activating WP Force SSL, do I need to do anything else?
No, nothing. After activating WP Force SSL, the main option “redirect SSL” will already be active. What you can do is use our tests to make ’sure everything related to SSL is working.
Contributors & Developers
“WP Force SSL & HTTPS SSL Redirect” is open source software. The following people have contributed to this plugin.Contributors
“WP Force SSL & HTTPS SSL Redirect” has been translated into 14 locales. Thank you to the translators for their contributions.
Translate “WP Force SSL & HTTPS SSL Redirect” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
- added admin Dashboard widget
- new GUI & features
- PRO version available
- added flyout menu
- minor bug fixes
- added promo for WP 301 Redirects PRO
- 602,200 downloads; 100,000 installations
- minor bug fixes
- 384,400 downloads; 90,000 installations
- complete rewrite of entire WP Force SSL plugin
- added ’support for HSTS
- 288,290 downloads; 80,000 installations
- Changed function naming to avoid conflicts reported by users.
- Dropping ’support for PHP 5.3: Only 15.9% of the people that use WordPress use PHP 5.3, it reached end of life and you should ask your host to upgrade.
- Fixed an is’sue where some users were getting a error message for no valid header when activating the plugin.
- Dropping ’support for PHP 5.2: Only 5.7% of the people that use WordPress use PHP 5.2, it’s old, buggy, and insecure.
- initial release