This post guide you how to safely move/redirect your WordPress website from HTTP to HTTPS with minimal risk.
Also about HTTPS:
- Sự khác nhau giữa HTTP và HTTPS: Ảnh hưởng tới website như thế nào?
- How to configure HTTPS for Nginx with free SSL from Let’s Encrypt
- Cấu hình free SSL cho website với Let’s Encrypt (phần 1)
Step 1: Moving backend/admin page to https first
Why moving this backend first? Because this moving require you to edit a configuration file with just one line. If something goes wrong, you just login to web server, comment this line and all things becomes normal as it was.
Secondly, because it is backend, its not interrupt your frontend website.
Login to web server, cd to document root of your website, find wp-config.php and edit with vim:
Add just one line to the end of the file:
Please make sure that your firewall opened port 443 and you can telnet from your laptop to your website server port 443.
Now, refresh your backend page and you can see it changed to https instead of http which is good. That means our website can be configured to use HTTPS.
Step 2: Moving frontend to HTTPS from HTTP
Now go back to your wordpress backend page, navigate to Settings/General and change your website address both in WordPress Address (URL) and Site Address (URL) to HTTPS address.
This time, since you have moved your backend to HTTPS, 99% your frontend moving to HTTPS also successful.
Note that for a safer method, you should backup your WordPress before doing anything.