WP Force SSL & HTTPS SSL Redirect


WP Force SSL helps you redirect insecure HTTP traffic to secure HTTPS and fix SSL errors without touching any code. Activate Force SSL and everything will be set and SSL enabled. The entire site will move to HTTPS using your SSL certificate. It works with any SSL certificate. It can be free SSL certificate from Let’s Encrypt or a paid SSL certificate.

How to add SSL & enable SSL? Most hosting companies support the free SSL certificate from Let’s Encrypt, so login to your hosting panel and add SSL certificate. You’ll see a button labeled “Add SSL Certificate” or “Add Let’s Encrypt Certificate” and after that it’s 1 click to have the SSL enabled on your site with WP Force SSL. If that doesn’t work get WP Force SSL PRO and it’ll generate free SSL certificate for your site. And will regenerate SSL certificate every 90 days.

Access WP Force SSL settings via the main Settings menu -> WP Force SSL.

SSL Tests available in the plugin

  • is site on localhost?
  • check SSL certificate
  • check SSL certificate expiry date
  • is latest version of Force SSL used?
  • are known incompatible SSL plugins active?
  • is WP address URL set for SSL?
  • is WP home URL set for SSL?
  • is SSL monitoring enabled (pro feature)
  • is HTTPS redirection working?
  • is file redirection working (pro feature)
  • is HSTS enabled?
  • check mixed-content issue (pro feature)
  • is htaccess available & writable?
  • is 404 redirection enabled (pro feature)


  • redirect HTTP to HTTPS
  • fix mixed-content (pro)
  • enable HSTS
  • force secure cookies (pro)
  • cross-site scripting protection (pro)
  • expect CT header
  • X-Frame options
  • show WP Force SSL menu in admin bar
  • show WP Force SSL widget in admin dashboard

SSL certificate testing tool

WP Force SSL comes with an SSL certificate testing tool. It tests if the SSL certificate is valid, properly installed & up-to date.

Need support?

We’re here for you! Things get frustrating when they don’t work so make sure you open a support topic in the official Force SSL forum. We answer all questions within a few hours!

External Assets

A big thank you to SweetAlert2 authors which we use to make alerts nicer. And to DepositPhotos for the lovely header image.


  • Built-in tests verify your SSL configuration
  • SSL settings
  • SSL certificate tester


  1. Open Plugins – Add New in WP admin and search for “WP Force SSL”
  2. Install and activate the plugin
  3. Open plugin settings via Settings – WP Force SSL
  4. Check provided tests and settings


Who is this plugin for?

For anyone who has an SSL certificate installed on their site and wants to be sure all content is accessed (and redirected if needed) via a secure connection.

Do I need an SSL certificate for this to work?

Yes, you do need an SSL certificate. If you don’t have one you can buy WP Force SSL PRO which will generate an SSL certificate for free.

After activating WP Force SSL, do I need to do anything else?

No, nothing. After activating WP Force SSL, the main option “redirect SSL” will already be active. What you can do is use our tests to make sure everything related to SSL is working.

How can I report security bugs?

You can report security bugs through the Patchstack Vulnerability Disclosure Program. The Patchstack team help validate, triage and handle any security vulnerabilities. Report a security vulnerability.


7 Ottobre 2023
useless and dangerous in free version , i deleted it and everything is fine , whole website was hit
6 Ottobre 2023
This is a feature-limited demo and should be advertised as such. About 85% of UI’s screen space is taken up by elements that exist only to nag you to BUY PRO BUY PRO BUY PRO.The author intentionally uses inconsistent marking of PRO features to make it harder for you to learn to distinguish them visually from free features and avoid interacting with them. Some items are clearly marked. Others are marked with the word “PRO” buried at a random place in the description text. Yet others are blurred, and you don’t know if it’s because it’s a PRO feature or because you need to click that green button below to go to the initial setup of the feature (hehe no, it whacks you over the head with a BUY BUY BUY popup). Yet others are not marked at all, and you don’t learn that it’s a PRO feature until you see the BUY BUY BUY nag.
25 Agosto 2023
I bought WP Force SSL PRO not even a year ago as an agency lifetime license for more then $140,- Now it was the first time that I asked for their support, because the plugin blocks a function in LayerSlider (fullscreen mode for videos). The support team from WebFactory doesn’t care at all. Their simple answer is „Unfortunately, we can’t help with 3rd party plugins“. They didn’t even take a look at that issue. So don’t waste your money on this, they just won’t care for you at all. Edit: after this post, the lead developer took a look at the topic, and guess what? It was just ONE little setting that needed to get changed. I just had to switch off the Permissions Policy and everything works fine. So that’s why I am giving 2 stars now: the plugin works fine (Pro version), the support is the worst I have experienced so far among the WP community, especially for a paid plugin.
11 Gennaio 2023
While the main plugin does what it says, the SSL certificate they offer in the pro is a farce and kind of useless. Automated renewals is not available and you have to manually install the certificate every 3 months. Thats simply not feasible and kind of defeats the purpose of having a pro plugin and I am not entirely sure what I paid money for. Honestly, the free version is fine or use Really Simple SSL, doesn’t really matter, but don’t get pulled into their pro version , the best feature of which was supposed to be SSL Certificate Generation but if you have to manually do that every 3 months, it makes more sense to just use any other similar service out there.
Leggi tutte le recensioni di 172

Contributi e sviluppo

“WP Force SSL & HTTPS SSL Redirect” è un software open source. Le persone che hanno contribuito allo sviluppo di questo plugin sono indicate di seguito.


“WP Force SSL & HTTPS SSL Redirect” è stato tradotto in 17 lingue. Grazie ai traduttori per i loro contributi.

Traduci “WP Force SSL & HTTPS SSL Redirect” nella tua lingua.

Ti interessa lo sviluppo?

Esplora il codice segui il repository SVN, segui il log delle modifiche tramite RSS.



  • 2024/06/07
  • Security fixes


  • 2024/03/26
  • WordPress 6.5 and PHP 8.2 compatibility


  • 2022/01/12
  • added admin Dashboard widget


  • 2021/12/28
  • new GUI & features
  • PRO version available


  • 2021/01/30
  • added flyout menu


  • 2020/09/30
  • minor bug fixes
  • added promo for WP 301 Redirects PRO
  • 602,200 downloads; 100,000 installations


  • 2020/01/22
  • minor bug fixes
  • 384,400 downloads; 90,000 installations


  • 2019/09/23
  • complete rewrite of entire WP Force SSL plugin
  • added support for HSTS
  • 288,290 downloads; 80,000 installations


  • Changed function naming to avoid conflicts reported by users.


  • Dropping support for PHP 5.3: Only 15.9% of the people that use WordPress use PHP 5.3, it reached end of life and you should ask your host to upgrade.


  • Fixed an issue where some users were getting a error message for no valid header when activating the plugin.


  • Dropping support for PHP 5.2: Only 5.7% of the people that use WordPress use PHP 5.2, it’s old, buggy, and insecure.


  • 2015/01/15
  • initial release