Title: how do I get forced use of SSL/HTTPS?
Last modified: August 22, 2016

---

# how do I get forced use of SSL/HTTPS?

 *  Resolved [remingtontm](https://wordpress.org/support/users/remingtontm/)
 * (@remingtontm)
 * [11 years, 7 months ago](https://wordpress.org/support/topic/how-do-i-get-forced-use-of-sslhttps/)
 * I have tried a couple of wordpress ssl/https plug-ins to force. My https was 
   working perfect before installing BPS pro, now any page I try to use https it
   says there are too many loops/redirects?
 * utahpac.org is my site.
 * [https://wordpress.org/plugins/bulletproof-security/](https://wordpress.org/plugins/bulletproof-security/)

Viewing 9 replies - 1 through 9 (of 9 total)

 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 7 months ago](https://wordpress.org/support/topic/how-do-i-get-forced-use-of-sslhttps/#post-5399782)
 * Redirect loops commonly occur when there is a mix of HTTP/HTTPS content instead
   of all HTTPS/SSL content or all HTTP content or HTTPS URI’s/content is not designated/
   rewritten correctly. ie HTTP URI’s are redirecting to HTTPS and vice versa.
 * This forum topic link shows how to add SSL/HTTPS for your entire site: [http://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233](http://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233)
 * If you are only adding SSL/HTTPS for certain parts of your site and other parts
   of your site are HTTP then I would need to know all the exact specific technical
   details of what you are trying to do.
 *  Thread Starter [remingtontm](https://wordpress.org/support/users/remingtontm/)
 * (@remingtontm)
 * [11 years, 7 months ago](https://wordpress.org/support/topic/how-do-i-get-forced-use-of-sslhttps/#post-5399788)
 * Okay, I changed the address first and now I have the blank BPS. I guess I need
   a new key? Sorry. Just sent email.
 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 7 months ago](https://wordpress.org/support/topic/how-do-i-get-forced-use-of-sslhttps/#post-5399791)
 * Yep, just request a new Activation Key. The Activation Keys are your encrypted
   domain name including the URI scheme (http/https) and www. / non-www or other
   subdomain or subdirectory.
 *  Thread Starter [remingtontm](https://wordpress.org/support/users/remingtontm/)
 * (@remingtontm)
 * [11 years, 7 months ago](https://wordpress.org/support/topic/how-do-i-get-forced-use-of-sslhttps/#post-5399805)
 * Okay, found what I needed in the activation area. Thank you for your help.
 * Now it was running great with just the change to [https://www.utahpac.org](https://www.utahpac.org)
 * But as soon as I finished the
 * > “1. Copy this .htaccess code below to this BPS Root Custom Code text box: CUSTOM
   > CODE WP REWRITE LOOP START: Add www to non-www/non-www to www code here
 * Note: If your WordPress installation is in a subfolder then add the correct RewriteBase
   for your particular website/WordPress installation folder name.
    If your WordPress
   installation is in a folder named “my-site”: example.com/my-site/ Your RewriteBase
   would be: RewriteBase /my-site/
 * # WP REWRITE LOOP START
    RewriteEngine On RewriteBase / RewriteCond %{HTTPS} !
   =on RewriteCond %{SERVER_PORT} ^80 RewriteRule (.*) [https://%](https://%){HTTP_HOST}%{
   REQUEST_URI} [R,L] RewriteRule ^index\.php$ – [L] 2. Click the Save Root Custom
   Code button. 3. Go to the Security Modes page and click the Create secure.htaccess
   File AutoMagic button. 4. Activate Root Folder BulletProof Mode.”
 * I only get “Error code: ERR_TOO_MANY_REDIRECTS”
 *  Thread Starter [remingtontm](https://wordpress.org/support/users/remingtontm/)
 * (@remingtontm)
 * [11 years, 7 months ago](https://wordpress.org/support/topic/how-do-i-get-forced-use-of-sslhttps/#post-5399807)
 * [BPS Pro htaccess Protected Secure PHP Error Log]
 * [18-Oct-2014 04:08:50 UTC] PHP Warning: Cannot modify header information – headers
   already sent by (output started at /home/14630-5414.cloudwaysapps.com/dabjekcmeb/
   public_html/wp-includes/class.wp-styles.php:115) in /home/14630-5414.cloudwaysapps.
   com/dabjekcmeb/public_html/wp-includes/pluggable.php on line 1173
 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 7 months ago](https://wordpress.org/support/topic/how-do-i-get-forced-use-of-sslhttps/#post-5399842)
 * I do not see that this site has a valid SSL Certificate, but that may be because
   of the redirect loop or because the SSL Certificate is not setup correctly.
 * Looks like you are using the 90 day free trial Comodo SSL Certificate
    [https://www.sslshopper.com/ssl-checker.html#hostname=www.utahpac.org](https://www.sslshopper.com/ssl-checker.html#hostname=www.utahpac.org)
 * Are you planning on making the entire website SSL/HTTPS or only parts of the 
   website SSL/HTTPS?
 * Are you using anything else that is handling SSL/HTTPS? another plugin? something
   at the host control panel level?
 * Remove/delete the SSL/HTTPS Rewrite htaccess code and let me know when that is
   done so I can recheck the site.
 *  Thread Starter [remingtontm](https://wordpress.org/support/users/remingtontm/)
 * (@remingtontm)
 * [11 years, 7 months ago](https://wordpress.org/support/topic/how-do-i-get-forced-use-of-sslhttps/#post-5399883)
 * Okay I #### all the rewrite code in the current htaccess and that finally did
   it.
 * I also updated my ssl certs……so it looks like I have an all green chain now.
 * Is BPS still working top notch or what adjustments?
 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 7 months ago](https://wordpress.org/support/topic/how-do-i-get-forced-use-of-sslhttps/#post-5399888)
 * I checked the site:
    The SSL certificate is valid and setup correctly. The site
   is correctly rewriting to HTTPS. You have several HTTP links that need to changed
   to HTTPS: your footer links and links on your home page.
 * What code did you comment out with # signs?
 *  Thread Starter [remingtontm](https://wordpress.org/support/users/remingtontm/)
 * (@remingtontm)
 * [11 years, 7 months ago](https://wordpress.org/support/topic/how-do-i-get-forced-use-of-sslhttps/#post-5399897)
 * I followed your directions about deleting the custom code part, saved it, hit“
   create secure.htaccess file” button. went to htaccess file editor and deleted
 *     ```
       WP REWRITE LOOP START
       RewriteEngine On
       RewriteBase /
       RewriteCond %{HTTPS} !=on
       RewriteCond %{SERVER_PORT} ^80
       RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
       RewriteRule ^index\.php$ - [L]
       ```
   
 * from secure.htaccess
 * then placed # at “Your Current Root htaccess File”:
 *     ```
       # CUSTOM CODE WP REWRITE LOOP START - Your Custom htaccess code will be created here with AutoMagic
       # WP REWRITE LOOP START
       #RewriteEngine On
       #RewriteBase /
       #RewriteCond %{HTTPS} !=on
       #RewriteCond %{SERVER_PORT} ^80
       #RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
       #RewriteRule ^index\.php$ - [L]
       ```
   
 * then the site ran perfect. Noticed in the certificate there was a break in the
   chain of trust per your preferences [https://www.sslshopper.com/ssl-checker.html#hostname=www.utahpac.org](https://www.sslshopper.com/ssl-checker.html#hostname=www.utahpac.org)
 * so then read about combining the different certificate keys provided and now 
   that seems to be great now.
 * Thank you for your help. I was tempted to just uninstall BPS Pro, but it feels
   good knowing I have your code and SSL working. I host on Cloudways and they did
   help some, but it was you who followed this to the end. So thank you again.

Viewing 9 replies - 1 through 9 (of 9 total)

The topic ‘how do I get forced use of SSL/HTTPS?’ is closed to new replies.

 * ![](https://ps.w.org/bulletproof-security/assets/icon-128x128.png?rev=1731938)
 * [BulletProof Security](https://wordpress.org/plugins/bulletproof-security/)
 * [Support Threads](https://wordpress.org/support/plugin/bulletproof-security/)
 * [Active Topics](https://wordpress.org/support/plugin/bulletproof-security/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/bulletproof-security/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/bulletproof-security/reviews/)

## Tags

 * [HTTPS](https://wordpress.org/support/topic-tag/https/)
 * [SSL](https://wordpress.org/support/topic-tag/ssl/)

 * 9 replies
 * 2 participants
 * Last reply from: [remingtontm](https://wordpress.org/support/users/remingtontm/)
 * Last activity: [11 years, 7 months ago](https://wordpress.org/support/topic/how-do-i-get-forced-use-of-sslhttps/#post-5399897)
 * Status: resolved