How to Fix Common SSL Issues in WordPress?

Starting from 2017, Google clamped down on site not using HTTPS protocol, declaring it unsafe, forcing website owners to start using SSL certificates on their sites.

What is SSL and how to fix these common issues?

What is SSL? Secure Socket Layer (SSL) is a networking protocol that secures connections between web clients and web servers over an insecure network, such as the internet.

SSL is a protocol that secures your websites from hackers and attacks. It makes it harder to steal your user’s information. SSL is unique; every site has a separate certificate for identification purposes.

If your site isn’t using an SSL, modern browsers like Chrome, Mozilla, and Safari will warn users when your sites loads!

For your site to accept and use payment services like PayPal, Stripe, Ideal, etc. your website has to be SSL enabled.

How to fix SSL certificates error?

In this article we will be talking about, how to fix common SSL certificates error;


These error messages show that the browser doesn’t recognize a site SSL certificate and tends to warn users about the risk before proceeding to your site. In chrome, the warning message shown in the picture below and slightly different in other browsers.

ssl 7

There could be random issues causing this, but the most common ones are:

  • The SSL certificate was issued to a subdomain on your site.
  • The browser doesn’t recognize the certificate or your SSL is expired.

If you purchased an SSL certificate initially, contact your hosting support/ provider to help you install the certificate on your site but if you manually installed it try reinstalling it and confirm if your license is still valid.

Insecure content Error after moving your HTTP WordPress website to HTTPS

Mixed content errors caused due to building your site previously on an HTTP site then moving it to an HTTPS enable site most of the URLs are still using the HTTP protocol. You need to force the use of HTTPS on all your site content.

There are two fixes to this error. We will be discussing both repairs in great detail, leaving you with the options to choose the best possible solution for you.

Using a plugin that forcefully enables SSL

WordPress has various great plugins that enable SSL on all your site content forcefully, some easy to use and a few hard. Still, the plugin we use here is Really Simple SSL Plugin, which we have tested personally and it has proven to be efficient in securing your websites.

Really Simple SSL is easy to install just search for the plugin on your site WordPress directories.

ssl 6

consequent to activation, you need to visit the settings >> page and analyze the plugin settings, it’s pretty easy and straightforward.

Manually fixing the content error.

This method is lengthy but more efficient and gives the best fulfillment.

Firstly, you need to make sure your sites use the HTTPS protocol on your URL in settings. Go to settings >> General.

if you see an HTTP URL, change it to HTTPS protocol and input your site URL, click on the save button, reload your website for the changes to be saved.

Updating database URL

You have to change the URL on your site database you can do that manually or automatically by using a plugin called Better Search Replace. You need to install and activate the plugin on your site.

Consequent to activation, you performed a search and replace function, we will show you how to do that.

better search wp

after performing the search and replace function, it will automatically replace all URLs on your database with the HTTPS protocol.

Enforcing HTTPS & Redirect

You are provided with the options by WordPress to enforce HTTPS on your site by entering the following command on your wp-config. You don’t know how to locate the file take a look at how in our previous article.

  1. define(‘FORCE_SSL_ADMIN’, true);

If your site is still having a lot of redirect issues, you can try enforcing it fully by using the code below.

  1. define(‘FORCE_SSL_ADMIN’, true);

// in some setups HTTP_X_FORWARDED_PROTO might contain

// a comma-separated list e.g. HTTP,HTTPS

// so check for HTTPS existence

if (strpos($_SERVER[‘HTTP_X_FORWARDED_PROTO’], ‘https’) !== false)


Fixing HTTP to HTTPS errors via .htaccess file.

If you did a manual fix to your WordPress site, you would need to tell WordPress to redirect all HTTP requests to HTTPS forcefully automatically, but if you use a plugin like Really Simple SSL, it handles it automatically.

you need to add the following line of code to your .htaccess file

RewriteEngine On

RewriteCond %{HTTPS} off

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}

We hope you find a fix with this article and get your website secured. If you run into any issues on please let us know in the comment section, we will try our best to help you out. Stay tuned for our article on WordPress Security, and you can subscribe to our newsletter to be the first to know when we publish it.

If you like this article, don’t forget to like, share and follow us on social media 🙂

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on email
Share on whatsapp

Leave a Comment


Get our latest blog posts in your inbox