How To Force SSL In Joomla
In this guide are two methods which you can utilise to force HTTPS in Joomla. Please note that while these steps are generally straightforward, this information is provided as a suggestion and we can't provide detailed support for modifications to a Content Management System. If you require assistance with this, we'd recommend speaking to your website developer to ensure relevance and compatibility with your site.Using Joomla Admin
Step 1 - Log into your Joomla administrator area.
Step 2 - Click on Global Configuration.
Step 3 - Click on (1) Server, (2) drop down the menu for Force HTTPS, (3) Select Entire Site.
SSL should now be forced for all pages on your Joomla site. You can use the tool Redirect Detective to test whether this has been configured successfully.
Using File Manager
Forcing SSL in Joomla requires editing 2 files. You can do this either using FTP or the cPanel File Manager (click here for a guide on using this tool). Both files are located in the document root folder (usually called public_html).
Step 1 - The configuration.php file
Find the line that says $live_site = '';
Between the quotes, add your domain name, including the 'https://' portion.
Make sure to save the file once you've done this.
Step 2 - The .htaccess file
NOTE: By default, the htaccess file in Joomla is named htaccess.txt. To enable this file, rename it to ".htaccess".
You need to add this code to the top of the file:
RewriteEngine On RewriteCond %{HTTPS} OFF RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
The page should look like this:
Once these two things are done, SSL should be forced for all pages on your Joomla site. You can use the tool Redirect Detective to test whether this has been configured successfully..