Back in April 2017, Exabytes announced that they were going to provide free SSL certs for all those on the Shared Linux Hosting plan. In May I activated it, but it was only recently that I realised my site was not redirecting by default to the https version.

Turns out I missed two key steps.

The first is relatively easy to do for most WordPress admins and should not harm your site. It’s basically:

  1. In your WordPress dashboard, go to Settings > General (usually on the left sidebar).
  2. Under the WordPress Address (URL) and Site Address (URL), add a “s” to the http, so it will be https://WHATEVERYOURDOMAIN.IS
  3. Save and you’re done here.

The 4th step requires adding several lines of code to your htaccess file. This file is a configuration file for servers running Apache Web. As a general rule, it’s always a good idea to download a copy of it to your hard drive and/or copy it somewhere on your web server before making any changes to it.

Now, the Exabytes support site says to add the following code to your .htaccess file:


[IfModule mod_rewrite.c]
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.WHATEVERYOURDOMAIN.IS/$1 [R,L]

If you’re having trouble with that, then you might want to give my method a try. It’s quite simple really.

Just add this to the first line of your htaccess file:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.WHATEVERYOURDOMAIN.IS/$1 [R,L]

So if your file has code in it and looks something like this:

BEGIN W3TC Browser Cache


AddType text/css .css

Just add the rewrite code above so it will look like:


RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.WHATEVERYOURDOMAIN.IS/$1 [R,L]

BEGIN W3TC Browser Cache


AddType text/css .css

Then save and either clear your cache or test the URL in a private browser. It should default to https:// with a Secure notice (if you are in Chrome). Special thanks to Razier for helping me figure this out.