If you already have an active SSL certificate installed, you can redirect your website to HTTPS to ensure that every visitor automatically uses a secure, encrypted connection. This improves your website’s security, builds visitor trust, and can also benefit your search engine rankings.
Don’t worry if you’re not familiar with website configuration files, as this guide walks you through the process step by step.
This guide will help you redirect all visitors to the secure HTTPS version of your website using your hosting account.

What This Means
HTTPS is the secure version of HTTP and encrypts the data exchanged between your website and its visitors.
Although installing an SSL certificate enables HTTPS, visitors can often still access your website using the unsecured HTTP version unless you create a redirect.
Redirecting HTTP to HTTPS ensures that:
- Every visitor automatically uses the secure version of your website.
- Your browser displays the secure padlock icon.
- Sensitive information is encrypted during transmission.
- Search engines recognise your preferred secure website address.
If your website is built with WordPress, you may also need to update your site’s URLs or address mixed content warnings after enabling HTTPS.
Step-by-Step Instructions
Before You Begin
Before redirecting your website, ensure that:
- You have an active SSL certificate installed.
- Your SSL certificate is working correctly when you visit your website.
- Your hosting account is accessible through cPanel.
IMPORTANT: If your SSL certificate is not yet installed or isn’t working correctly, resolve that first before continuing.
Step 1: Log in to cPanel
- Sign in to your 1-grid Customer Zone.
- Open Manage Services.
- Select your hosting service.
- Click Log In to Control Panel.
Step 2: Open File Manager
- In cPanel, open File Manager.
- Save your settings.
TIP: Hidden files include the .htaccess file used to control website redirects.
Step 3: Open your website folder
Navigate to:
public_html
This is the root folder for your primary website.
Step 4: Edit or create the .htaccess file
If a .htaccess file already exists:
- Right-click the file.
- Select Edit.
If no file exists:
- Create a new file named:
.htaccess
Then open it for editing.
Step 5: Add the HTTPS redirect
Add the following code to your .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Save your changes.
This permanent (301) redirect automatically sends all visitors to the secure HTTPS version of your website.
Step 6: Test your website
Open your website in your browser.
You should automatically be redirected to your site, and your browser should also display the secure padlock icon.
Step 7: WordPress websites (if required)
If you’re using WordPress, you may notice that:
- Images still load over HTTP.
- The padlock icon does not appear.
- Your browser displays a “Not Fully Secure” or “Mixed Content” warning.
This happens because some website content still references HTTP URLs.
You can resolve this by:
- Updating your WordPress Site Address and Home URL to HTTPS.
- Updating existing content to use HTTPS.
- Using a trusted plugin designed to help fix mixed content where appropriate.
Important Things to Know
- An SSL certificate must already be installed before enabling HTTPS redirects.
- Redirecting visitors does not install or activate an SSL certificate.
- Browsers may cache redirects, so recent changes may not appear immediately.
- WordPress websites may require additional configuration to eliminate mixed content warnings.
- Editing the .htaccess file incorrectly can temporarily affect your website. Consider creating a backup before making changes.
Before You Move On
Before finishing, confirm that:
- Your SSL certificate is active.
- Your website automatically redirects from HTTP to HTTPS.
- The browser displays the secure padlock.
- No mixed content warnings appear.
- Internal links and images load correctly over HTTPS.
If your website uses WordPress, check several pages to ensure images, stylesheets, and scripts are also loading securely.
Common Mistakes to Avoid
- Redirecting to HTTPS before installing an SSL certificate.
- Editing the wrong .htaccess file.
- Forgetting to save changes after editing.
- Assuming browser caching means the redirect failed.
- Ignoring mixed content warnings after enabling HTTPS.
If This Didn’t Work
If your website isn’t redirecting correctly or still shows security warnings, gather the following information before contacting 1-grid Support:
- Your domain name
- A screenshot of the issue
- The exact browser error message
- Confirmation that your SSL certificate is active
- Whether you’re using WordPress or another website platform
- A copy of your current .htaccess file (if you’ve modified it)
Providing these details will help us investigate the issue more efficiently.
Related Articles
FAQs
Why isn’t my website automatically using HTTPS?
Installing an SSL certificate enables HTTPS, but visitors won’t automatically use it until you configure a redirect.
Why don’t I see the secure padlock?
The most common causes are:
- Mixed content (HTTP images or scripts)
- An inactive SSL certificate
- Browser cache
- An incorrect redirect configuration
Do I need an SSL certificate before enabling the redirect?
Yes. Redirecting visitors to HTTPS without an active SSL certificate will usually result in browser security errors.
What is mixed content?
Mixed content occurs when a secure HTTPS webpage still loads images, scripts, or other resources using HTTP. Browsers may remove the padlock or display security warnings until these resources are updated.
Will redirecting to HTTPS affect my SEO?
Using HTTPS is considered a positive ranking signal by search engines and helps improve visitor trust.
Can I reverse the redirect later?
Yes. Simply remove the redirect rule from your .htaccess file if you no longer want to force HTTPS, although this is generally not recommended for production websites.
Empowering Insight

Once an SSL certificate is installed, redirecting visitors to HTTPS is one of the simplest ways to improve your website’s security, professionalism, and visitor confidence. Most HTTPS issues are caused by configuration or mixed content rather than problems with the certificate itself.
Need Additional Support?
If you’ve completed the steps above and your website still isn’t redirecting to HTTPS correctly, contact us and our Support Team will be ready to help.
Before contacting us, please include your domain name, any browser error messages, screenshots of the issue, and confirmation that your SSL certificate is active. This will help us resolve your query as quickly as possible.