This plugin can be used to make your site SSL compatible easily. It can automatically redirect the visitors to the HTTPS version of the site. This will ensure that the search engines are indexing the HTTPS version of your website and your visitors are going to the HTTPS pages.
You can also use it to easily make the site SSL compatible by force-loading static resources using HTTPS URLs.
Minimum Requirement
You need to have an SSL certificate installed on your site (your hosting provider can install SSL certificate for you).
Plugin Installation
- Go to the Add New plugins screen in your WordPress admin area
- Click the upload tab
- Browse for the plugin file (https-redirection.zip)
- Click Install Now and then activate the plugin
Plugin Usage
After you install and activate the plugin, go to the settings menu of this plugin to enable the options.
Click on the “Easy HTTPS & SSL” menu link from the WordPress’s main “Settings” menu.

You can enable the following two options from the settings menu:
- Enable automatic redirection to the HTTPS
- Force resources to use HTTPS URL
1) Enable Automatic Redirection to the HTTPS Page
Lets say for example, you want to use “https” URL for the following page on your site:
www.your-domain.com/my-test-page
Enabling this option will enforce it so if anyone uses an URL like the following in the browser’s address bar:
http://www.your-domain.com/my-test-page
It will automatically redirect to the following HTTPS version of the page:
https://your-domain.com/my-test-page
So you are always forcing the visitors to view the HTTPS version of your web pages.
2) Force Resources to Use HTTPS URLs
If you have an existing website where you have a lot of static files that are embedded in your posts and pages using “non-https” URLs then you will need to change those. Otherwise, the browser will show an SSL warning to your visitors (because some of the static resources are embedded using “non-https” URL.
Enabling this option will force-load those static files using HTTPS URL dynamically. This will make the web-page fully SSL compatible.
HTTP Strict Transport Security (HSTS) Support
In addition to redirecting visitors to HTTPS, this plugin allows you to enable HTTP Strict Transport Security (HSTS), a security header that instructs browsers to only connect to your site over HTTPS, even if a visitor types http:// or clicks an old HTTP link.
Without HSTS, there’s a brief moment on every “http → https” redirect where the browser makes an initial insecure request before being redirected. HSTS removes that gap entirely by telling the browser to rewrite HTTP requests to HTTPS internally, before any connection is made.
Important Note: Only enable HSTS after you’ve confirmed your site loads correctly and consistently over HTTPS with no mixed content or certificate errors. Once a browser receives the HSTS header, it will refuse to load your site over HTTP for the duration you specify, even if your SSL certificate later expires or is misconfigured. Test thoroughly before turning this on for a live site.
Mixed Content Scanner & Database URL Fixer
Switching your site to HTTPS doesn’t automatically fix old HTTP URLs already saved in your database. If those references remain in post content, post meta, custom post types, or WordPress options, your pages can still trigger browser “mixed content” warnings even after redirection is working correctly.
This plugin includes a built-in scanner to find and update those insecure URLs to their HTTPS version, without requiring manual database editing.
Before you run it: This tool modifies your database directly. Back up your database first — while the scanner is designed to only touch matching HTTP URLs, any bulk find-and-replace operation carries some risk if your backup isn’t current.
Using the Mixed Content Scanner
- Take a full database backup.
- Go to Easy HTTPS & SSL -> Mixed Contents in your WordPress admin menu.
- Select the post types you want scanned.
- Choose whether to include post meta and/or the options table.
- Pick your scan scope – start with “Scan Static Resources Only” if you just want to catch images/scripts/CSS references, or “Scan All” for a comprehensive sweep.
- Run the scan and review the results before confirming the update.
This is especially useful for cleaning up legacy HTTP links, helping you achieve a fully secure padlock with no mixed content errors, without editing the database by hand.
SSL Certificate Expiry Notification
This plugin includes a feature that allows you to receive email notifications when your SSL certificate is about to expire. It helps ensure your website remains secure and accessible over HTTPS.
You can configure the recipient email address and specify how many days in advance the notification should be sent. By default, the notification is sent 7 days before expiry, but you can adjust this to suit your preference.

Troubleshooting
If after making changes your site stops functioning, do the following:
Step #1: Open .htaccess file in the root directory of the WordPress install and delete everything between the following two lines
# BEGIN HTTPS Redirection Plugin # END HTTPS Redirection Plugin
Step #2: Save the htaccess file (this will erase any change this plugin made to that file).
Step #3: Deactivate the plugin or rename this plugin’s folder (which will deactivate the plugin).
Troubleshooting – Force Deactivate Plugin
You can use this technique to force deactivate a WordPress plugin.
Plugin Compatibility
Works with the latest version of WordPress.
Download The Plugin
Download the plugin now and make your site SSL compatible.
Download the Easy HTTPS Redirection Plugin.
More WordPress Plugins
Check out our WordPress plugins page for more cool WordPress plugins.