For me I just leveraged WPX Hosting which gives free SSL for your sites and converted, then used the really simple SSL Wordpress plugin to handle all the redirects. Was pretty easy and took 30 minutes and transitioned all 6 of my Wordpress blogs to HTTPS. I even updated and ran my Amazon Cloudfront images over HTTPS too so there was no mix of HTTP and HTTPS in the URL's being loaded.

Nice Article Matt, I had the impression of reading myself as this is exactly the method I use presently. The only thing this method does not cover is coded references inside the php code. Header.php and footer.php per example might include reference to http resources. It can be handled either by another plugin or changed in the code.

This is basically my method as well although I prefer to use your Better Search and Replace plugin. The dry run option and ability to see which tables will be changed is sometimes helpful in tracking down mystery mixed-content issues.

Hey Matt - Other Matt here, Excellent article. I like the step of adding the definitions into the wp-config before jumping into the WordPress settings page. Much cleaner process. Changing my checklist to include them.

I start off with a plain http WP site. Then I'll run certbot to request a new Let's Encrypt SSL certificate: certbot certonly --webroot -w /u1/var/www/domain -d domain.com -d www.domain.com --rsa-key-size 4096 --hsts --uir --staple-ocsp --no-redirect I'm using nginx, so in the nginx site file, I'll add a redirector like this: if ($host != 'domain.com') { return 301 https://domain.com$request\_uri; } There are of course ssl directives in the nginx site file, too. Reload nginx. In the WP database, I'll run two update queries: mysql> update wp_options set option_value = 'https://domain.com' where option_name = 'home'; mysql> update wp_options set option_value = 'https://domain.com' where option_name = 'siteurl’;

Great share! We always use Better Search Replace to scan and fix all variations: 1. http://deliciousbrains.com >> replace >> https://deliciousbrains.com 2. http://www.deliciousbrains.com >> replace >> https://deliciousbrains.com 3. https://www.deliciousbrains.com >> replace >> https://deliciousbrains.com Next, we use Force HTTPS (our plugin): https://wordpress.org/plugins/force-https-littlebizzy/ Lastly, CloudFlare's "Crypto" tab has two options that are quite helpful: 1. Always use HTTPS 2. Automatic HTTPS Rewrites We also "lock in" these rewrites using CloudFlare Page Rules: 1. http://deliciousbrains.com/* >> 301 >> https://deliciousbrains.com/$1 2. http://www.deliciousbrains.com/* >> 301 >> https://deliciousbrains.com/$1 3. https://www.deliciousbrains.com/* >> 301 >> https://deliciousbrains.com/$1 Anyway hope this helps someone. Cheers!

Thanks for sharing useful information!! I am really impressed to see that you have provided such an interesting information about WordPress. I was struggling with the same issue since last 3 days and finally solved it. Anyways can you suggest me some better option to get cheap linux hosting other than redserverhost? Thank you once again!!