JSM’s Force HTTP to HTTPS

Version Information

  • Plugin Name: JSM's Force HTTP to HTTPS
  • Stable Version: 3.4.1
  • Author: JS Morisset
  • Description: No setup required - simply activate to force HTTP URLs to HTTPS using native WordPress filters and permanent redirects for best SEO.
  • License: GPLv3
  • Requires PHP: 7.2 or newer
  • Requires WordPress: 5.2 or newer
  • Tested Up To WordPress: 6.0.0
  • Last Updated: 7 days ago

A simple, safe, and reliable way to force HTTP URLs to HTTPS dynamically:

No setup required - simply activate the plugin to force HTTP URLs to HTTPS.

There are no plugin settings to adjust, and no changes are made to your WordPress configuration.

SIGNIFICANTLY FASTER than other popular plugins of this type:

Other well known plugins use PHP's output buffer to search & replace URLs in the rendered HTML, which is a technique that is error prone and negatively affects caching performance (as changes are not cached).

This plugin uses standard WordPress filters instead of PHP's output buffer for maximum reliability, performance, caching compatibility, and uses 301 permanent redirects for best SEO results (301 redirects are considered best for SEO when moving from HTTP to HTTPS).

Supports advanced proxy / load-balancing HTTP headers:

  • X-Forwarded-Proto (aka HTTP_X_FORWARDED_PROTO server value)
  • X-Forwarded-Ssl (aka HTTP_X_FORWARDED_SSL server value)

See Web technology for developers > HTTP > HTTP headers > X-Forwarded-Proto for more details.

Plugin Requirements

Your web server must already be configured with an SSL certificate and able to handle HTTPS request. ;-)

Find this content useful? Share it with your friends!

10 comments on “JSM’s Force HTTP to HTTPS

  1. Rated 5 out of 5

    I spent HOURS trying to make this happen, but a problem kept coming up… I had no idea what I was doing. AND everyone had a different redirect idea online. This plugin worked the magic quickly! Thanks!

    (I did have to restart Apache after installing the plugin for those using AWS Lightsail)

  2. Rated 5 out of 5

    Spent on/off the last three days trying to get a WordPress website HSTS eligible which runs over the www sub domain and after constant messing about with umpteen configuration and https/www rewrites, nothing would work to pass HSTS preload checks for subdomains.

    Installed this plugin (handles all wildcard http >> https redirection), set the Strict-Transport-Security header in .htaccess and worked perfectly passing HSTS preload check for browser preload list submission.

    Life saver of a plugin!

  3. Rated 5 out of 5

    I looked at a number of other plug-ins to amend images from http to https and even those with the highest number of good reviews were all complicated to handle as far as settings are concerned particularly for a novice.

    This plugin is so easy. You install it and activate it and when you look you see all conversions have taken place. There are no settings to mess with. What could be easier?

    OK so I did have one problem but I don’t blame the plug-in. My site was showing mixed content. Despite all the images being https, a slider on the site had not reloaded the images. I simply removed the five images and reloaded them from the library for a perfect result.

    Thank you JSM – great plugin!

Leave a Review