SSL Certificate: Still Showing as HTTP, not HTTPs

May 2019

We’ve had a lot of questions since our last blog post explained what is an SSL certificate and why does your website need one. We now find that people who decided to set up their SSL certificate on their own are running into a new issue.

The Problem: HTTP vs. HTTPs

Some websites that have the SSL Certificate installed are still sending people to the HTTP:// URL instead of including the “s” – making it “secure.”

There are two reasons this problem occurs:

  1. People who had the web address saved in their browser prior to you adding the SSL certificate, will still automatically load up the old URL.
  2. Any backlink you have on your website (for example in blogs or on your webpages) is using the old HTTP:// URL and will send people to the old URL, as well.

While it seems like such a small detail, it is actually making all those sessions unprotected. Since the SSL Certificate only works on the new URL, it is crucial that you get this fixed as soon as possible.

The Solution: Redirect Your Old Domain to the New Domain

The best way to solve this issue and keep it resolved is by adding a redirect on your old domain. It is a one-time change that will then catch all the other HTTP:// links out there across the web, ensuring they will all start secured sessions. Anytime someone goes to an old URL, your website will automatically and immediately change the URL to the new URL that is safe to use.

There are many resources online on how to do this. Site Ground provides a clear step-by-step article on their blog that explains that you need to edit the .htaccess file and add the following code:

RewriteEngine On

RewriteCond %{HTTPS} off

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Alternatively, if you have a WordPress website you can also go ahead and install this Plugin: Real Simple SSL. If you do decide to go this route, be sure you keep updating your plugins at least once per month to keep it secure.   

Need Help Setting Up or Fixing Your SSL Certificate?

If you have not gotten started yet or want to ensure that the switch is done properly, we can help you get set up. KWSM: a web marketing agency charges a one-time fee to install the SSL Certificate and ensure that everything redirects correctly.

Contact us to get started.


The average cost of a data breach in 2020 will exceed $150 million.

Is your website secure enough to avoid these data breaches? Our team of experts will be able to help you optimize your website so that your website is safe to use.

CLICK HERE to sign up for a complimentary 30 Minute Website Audit


Fill out the form below to start your conversation with KWSM.

Core Values at KWSM a digital marketing agency