Jan 292016

WordPress Easy HTTPS Redirect Plugin tutorial shows you how to set up and configure your site for HTTPS security using this plugin.

Last Updated: November 24, 2019

Latest News: Updated the changelog.

Note: Before you begin you must make sure your server has the SSL certificate set up and configured correctly for your website before you begin using this plugin.


Easy HTTPS Redirect 1.9.1 changelog.

  • WP 5.3 warning fix for the add_submenu_page() function call. Thanks to @vfontj for pointing this out.

In this post you will learn how to set up your site for HTTPS security using Easy HTTPS Redirect plugin. This is a very simple plugin and does a great job. More than 10,000 have already set up their site successfully using this plugin.

What you need:

WordPress Easy HTTPS Redirect Plugin


The external links (outgoing links) are not touched by the plugin. It only forces the URLs (static resources) that are used in an EMBED in your web page. So lets say for example, you have embedded an image in your blog post. This image is coming from an external source. If that image URL is not using HTTPS then your full post is going to show the SSL warning (meaning its no longer a secure page).

The way SSL works is that you can’t embed anything using non-https URLs if you want the page to be fully SSL secured. So things like images, JS files, CSS files etc that are embedded in your site must be in HTTPS. there is no other way.

However, if you have a simple outgoing link to another site (for example a link to a reference page, an amazon product page etc.) and that link is non-https, that is totally fine. That link has no bearing in your page being SSL secured. So the plugin won’t touch that.


Step 1 ) Go to Settings -> HTTPS Redirection to set up and enable the plugin.

Step 2 ) First read the following message illustrated in the image, which is displayed at the very top of the plugin admin settings.


Step 3 ) Once you have read the above then carry on with the settings of the plugin. The plugin only has 3 options to set up. It is very easy but at the same time very effective. In the following image you will be able to enable the following options.

Plugin Admin Options

  • Enable automatic redirection to the “HTTPS”
  • Apply HTTPS redirection on:
  • Force resources to use HTTPS URL.
  • Click on Save Changes button once you have completed your settings.


Step 4 ) The following image Notice provides information for you to follow in case something goes wrong with your site after you enable the plugin and save the settings.



Troubleshooting Tips

Q1 Images are not displaying after I installed the plugin?

Solution: Make sure you have enabled the following option Force resources to use HTTPS URL as illustrated in Step 1 ) above.


Q2 Some of my links are still showing as non secure in the browsers. How do I fix this issue?

Solution: You will have to check the URL address for the links that are broken in your site and make the necessary changes i.e. change http to https.

Note: This plugin does not control the URL address of a site. For example; www.yoursite.com or yoursite.com. This is done via your Host and you can also use Google Webmasters Tools.


Q3 I have a page with an external http link in an iframe. Because of this plugin it gives me the error.

Solution: In modern browsers you can’t have non-https iframe on https page. You can carry out a small test by creating this simple html file:

<iframe src="https://newtracking.post.ir">

Then save it as test.html on your website and then access it via your browser – e.g. https://example.com/test.html

You will see the iframe content is not displayed and a warning is shown in the address bar of the browser saying that insecure content has been blocked. Only when you click that warning and allow displaying of insecure content, you’ll see your iframe content. (Solution provided by @alexanderfoxc in the following forum post)


Q4 Could the plugin be updated to have an option to allow RewriteCond %{ENV:HTTPS} !^on$ [NC] to be used instead.

Solution: Enable the settings in the plugin then let it update the .htaccess file when you save the settings. Then you can manually update the .htacess file yourself and it will use whatever you have in your file. Remember when ever you click on save settings button, the .htaccess file will also get updated. This means you will loose your custom code, so make a note of this. You can read more about it in the following forum post.


That is how simple it is to enable https security to your whole website, some pages or posts.

I will be updating this post from time to time. So keep coming back for more.


I have been working in IT since 1999 and I enjoy the challenges it brings me. I love developing websites with WordPress. I spend a lot of time helping out in wordpress.org forums. I have been writing tutorials since 2011. Now I am learning how to manage my own VPS "Virtual Private Server.

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>