Skip to main content

HTTPS Encryption and How to Enable It on a WordPress Site

Using HTTPS to secure your site increases trust and enhances SEO. Seravo offers Let's Encrypt HTTPS certificate to all plans.

HTTPS encryption improves site security by encrypting the traffic between the browser and the server (such as passwords and payment transactions). It builds trust among visitors and improves your site's search engine optimization (SEO).

In Seravo's service, a free Let's Encrypt certificate is included in all service packages by default. The certificate is generated and renewed automatically, as long as the domain's DNS records point to Seravo's server.

How Do I Enable HTTPS?

Since the certificate is already installed on the server, HTTPS encryption can be easily enabled by changing the site address to the secure format.

Option 1: From the WordPress Dashboard

  1. Go to Settings > General.

  2. Change the fields WordPress Address (URL) and Site Address (URL) to the format https://example.com.

  3. Save changes.

Important: To prevent old links and images on the site from causing unsecure content warnings (mixed content) in the browser, it is recommended to also update the database.

Fixing Addresses in the Database:

  1. Go to Tools > Database.

  2. Enter your site's old address (http://example.com) and new address (https://example.com) into the fields.

  3. Select All tables.

  4. First, click Do a dry-run to verify the changes.

  5. Finally, click Run wp search-replace to apply the changes to the database.

  6. Lastly, clear the site cache.

Option 2: Using the Command Line (WP-CLI)

You can handle the entire process (the address change and the database update) at once by establishing an SSH connection to your site and running the command:

wp search-replace 'http://example.com' 'https://example.com' --all-tables

This command updates both the WordPress settings and all links within the database to the secure format at the same time.

Deployment in a Multisite Environment (Network)

In a Multisite environment, the addresses must be changed through the Network Admin:

  1. Go to My Sites > Network Admin > Sites.

  2. Open the settings for the desired sub-site and select the Settings tab.

  3. Find the fields Siteurl and Home and change them to the format https://example.com/subsite.

  4. If necessary, run the search-replace tool for the database on the sub-site's part as well.

Troubleshooting: Mixed Content

If the browser indicates that the site is not fully secure after switching to HTTPS, it is often a mixed content issue. This means that the site itself loads over HTTPS, but some elements (such as images, stylesheets, or fonts) are still being fetched via an unsecure http:// address.

  • Investigate in the browser: Open the browser's developer tools (F12) and look at the Console tab. The browser will directly list the addresses causing the warning there.

  • Hardcoded links in the theme: Sometimes links are written directly into the theme files, which means the database search will not find them. You can search for these in the theme folder with the command:
    grep -RF 'http://example.com' /data/wordpress/htdocs/wp-content/themes/mytheme

  • External resources: If an element is loaded from an external website, make sure that the site in question supports HTTPS, or upload the file (e.g., an image) to your own site's media library.

Special Situations

Wildcard Certificates

If you need a wildcard certificate (which covers all subdomains in the format *.example.com), it can be implemented using Let's Encrypt. This usually requires changes to the name servers (DNS). In this case, please contact our customer service.

Self-purchased SSL Certificates

We do not recommend purchasing certificates yourself, as the automatic certificates provided by Seravo meet all modern security requirements and industry best practices without additional costs or the hassle of renewal.

However, if your company's internal regulations require the use of a separate certificate:

  1. Upload the certificate's .key and .crt files to your site's /data directory.

  2. Contact our customer service for the installation.

  3. Please note that the verification and installation of a separate certificate, as well as any related consultation work, is performed as billable expert work. The customer is responsible for purchasing the correct certificate and renewing it well in advance before it expires.

Need Help?

Contact our customer service for additional information!

Related Articles
Data Locations
WordPress Rewrites
Headless WordPress
Logging in to the WordPress Site
Using the WordPress REST API
Did this answer your question?