If available always use https
, it is securer for obvious reasons, it is better received by search engines and browsers nowadays, it is just overall preferable.
1 Backup
Should go without saying, but backup your database. There is always a possibility that something goes wrong. Additionally, make sure you have access – ssh, ftp, etc – to your files, and you have a possibility to access – ssh (mysql, wp-cli), phpmyadmin, etc – the database.
2 Set URL
Either under Dashboard > Settings > General:
Or use constants in wp-config.php
:
define( 'WP_HOME','https://example.com' );
define( 'WP_SITEURL','https://example.com' );
3 Update database
Either use the Search Replace DB tool:
- https://interconnectit.com/products/search-and-replace-for-wordpress-databases/
- https://github.com/interconnectit/Search-Replace-DB
Or make use the WP-CLI command search-replace
:
Example: wp search-replace 'http://example.test' 'http://example.com'
Both above options have an option to dry run, test, before making changes.
Bonus, this plugin gets recommended a lot by people I generally trust:
Note: I personally have no experience with the plugin; I’m adding it for completeness’ sake.
4 Enforce redirecting to https
Either via adding the following lines to the .htaccess
:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Or you can generally set this via your server administration gui, so plesk, cpanel, webmin or whatever your hosting provider is offering.