LiveChat
Support
Blog
Affiliates
After installing an SSL certificate on your site, you need to redirect all HTTP traffic to HTTPS so visitors always use the secure version. Ultra Web Hosting servers include an automatic HTTPS redirect option, but you can also do it manually via .htaccess.
Use cPanel's "Force HTTPS Redirect"
Log into cPanel > Domains > Domains, find your domain, and toggle the "Force HTTPS Redirect" switch to ON. Done. This adds server-level redirect rules that work regardless of your .htaccess configuration.
01. Method 1: cPanel Force HTTPS (Easiest)
- Log into cPanel at my.ultrawebhosting.com
- Go to Domains > Domains
- Find your domain in the list
- Toggle "Force HTTPS Redirect" to ON
This creates an nginx-level redirect that is faster than .htaccess because it is processed before Apache even sees the request.
02. Method 2: .htaccess Redirect
If you prefer to control the redirect yourself (or need custom rules), add this to the top of your .htaccess file in public_html:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]This issues a 301 (permanent) redirect from HTTP to HTTPS for all pages. The 301 tells search engines to update their index to the HTTPS version.
If you also want to force the www or non-www version at the same time, see our Complete Guide to .htaccess which covers combined www + HTTPS redirects. Also see Nginx and .htaccess Redirect Issues if you notice redirect loops when using .htaccess on our servers.
03. WordPress: Update Site URLs
For WordPress sites, the redirect alone is not enough. You also need to update the site URLs in WordPress settings:
- Log into WordPress Admin
- Go to Settings > General
- Change both "WordPress Address (URL)" and "Site Address (URL)" from
http://tohttps:// - Click "Save Changes"
If you are locked out after this change (redirect loop), you can fix it by editing wp-config.php and adding:
define('WP_HOME', 'https://yourdomain.com');
define('WP_SITEURL', 'https://yourdomain.com');04. Fix Mixed Content Warnings
After enabling HTTPS, your browser may show a "Not Secure" warning or a broken padlock if your pages load some resources (images, scripts, stylesheets) over plain HTTP. This is called "mixed content."
We have a detailed guide on fixing this: How to Fix Mixed Content Warnings After Enabling SSL
The short version: search your database and theme files for http:// references and replace them with https://. For WordPress, the "Better Search Replace" plugin makes this easy.
Need Help With SSL?
If you need an SSL certificate installed or are having issues with HTTPS redirects, our team can help.
Open a Support TicketQuick Recap
- Use cPanel's Force HTTPS toggle - Domains > Domains, flip the switch
- Or use .htaccess - RewriteRule with R=301 for a permanent redirect
- Update WordPress URLs - Settings > General, change both to https://
- Fix mixed content - Replace http:// references in your database and theme
- 301 redirects are permanent - Search engines will update to the HTTPS version
Securing your website with HTTPS · Last updated March 2026 · Browse all SSL articles
