In this article, we will show you how to activate SSL encryption for your Joomla! website.

After you have secured your domain with an SSL certificate, you should switch your website to the HTTPS protocol. To do this, you must first activate HTTPS in the Joomla! settings and adjust the website path in the configuration.php file. Finally, set up a 301 Redirect from the HTTP address to the HTTPS address.


The domain must be secured with SSL certificate.

For your website to use HTTPS, you must have connected your domain to an SSL certificate. You can check this by visiting your domain with https:// at the beginning (such as

Activate an SSL Certificate Now

Find out more: Set Up an SSL Certificate Managed by IONOS

Enable HTTPS in Joomla!

  • Log in to the administration area (backend) of your Joomla! website and select System > Global Configuration in the menu.
  • Go to the Server tab and select the Force HTTPS option to Entire Site.
  • Click Save & Close.

Force HTTPS for All Visitors

After you have activated HTTPS, you should make sure that your visitors are automatically redirected to the HTTPS website even if they go to the "old" HTTP address. To do this, you just need to adjust your site URL and set up a 301 Redirect to the HTTPS address.

Customize Your Site URL

The site URL must be changed in the configuration.php file in the Joomla! webspace directory:

  • Open the WebspaceExlorer, click on the clickandbuilds folder, and go to the directory of your Joomla! website.
  • To the right of the configuration.php file, click Actions > Edit File.
  • Find the line public $live_site =''; and enter the HTTPS address of your website there.

public $live_site = '';
  • Click Save.

Set Up a 301 Redirect

To set up automatic forwarding to the HTTPS website, you must edit your .htaccess file and add the following command lines (you will also find the .htaccess file in the Joomla! directory):

RewriteEngine On
RewriteCond %{HTTPS} OFF
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Your website now loads automatically with HTTPS.