Why can I still get access to my wordpress site using HTTP after installing SSL certificate

I have successfully installed the Let’s Encrypt SSL certificate on my wordpress site hosted on dreamhost. When I enter dev.custom-english.com in the address bar I get the unsecured http://. When I enter https://dev.custom-english.com I get the secure site. I would like to get the secure site by entering dev.custom-english.com. Is there some installation step I didn’t do? Why am I still able to get access to my unsecured site?

I have tried this using Firefox and Chrome and cleared cashe every time.

Hope you can help,
Sue

Hi @shanen,

HTTP and HTTPS are separate protocols which can coexist on the same site. However, redirecting HTTP to HTTPS is usually a best practice. In order to do this, the web server needs to be configured to send an HTTP 301 redirect message when a browser visits the HTTP version of the site. Without that configuration, this won’t happen and the site will potentially simply serve the same site content.

In some cases this is done at the level of the web server configuration (like Apache or nginx), but it may also be possible to do it at the web application level (like Wordpress). I don’t know how to do the latter offhand, but maybe you can find an option in your Wordpress configuration, or maybe another forum user will come along who has this particular experience. :slight_smile:

Thank you. I used Really Simple SSL and that took care of the issue.

1 Like

Great! I’ll try to keep that in mind for other Wordpress users in the future.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.