Instructions rely on you replacing <DOMAIN> with your actual domain name - no www prefix. For example if your domain is mycooldomain.com simply replace all instances of <DOMAIN> with mycooldomain.com
1) Log into WordPress Admin and go to Settings -> General. Change the URL for both WordPress Address and Site Address to https://www.<DOMAIN>
2) Install the following plugin and activate: https://wordpress.org/plugins/really-simple-ssl/
3) Add this code to the top of the .htaccess file in your site's root directory - note, it is very important that it is the first thing in the .htaccess file:
Header set Strict-Transport-Security "max-age=31536000"
Header set Content-Security-Policy "upgrade-insecure-requests"
RewriteEngine On
RewriteCond %{HTTP_HOST} ^<DOMAIN> [NC]
RewriteRule ^(.*)$ https://www.<DOMAIN>/$1 [NC,R=301,L]
RewriteCond %{HTTP_HOST} ^<DOMAIN> [OR]
RewriteCond %{HTTP_HOST} ^www.<DOMAIN>
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.<DOMAIN>/$1 [NC,R=301,L]
ExpiresActive On
ExpiresByType image/png "access plus 1 week"
ExpiresByType image/jpeg "access plus 1 week"
ExpiresByType image/gif "access plus 1 week"
ExpiresByType image/x-icon "access plus 1 week"
ExpiresByType text/css "access plus 1 week"
ExpiresByType text/javascript "access plus 1 week"
ExpiresByType application/javascript "access plus 1 week"
ExpiresByType application/x-javascript "access plus 1 week"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
ExpiresByType text/xml "access plus 1 week"
Categories
Categories
Enabling HTTP/2 For WordPress Sites Print
- 0
