Joomla is an open-source, award-winning content management system used all over the world to power personal blogs, e-commerce platforms, government websites, and any other kind of web project.

Joomla’s highly flexible core framework helps novice users to easily set up and manage their sites. It also allows experienced developers to create sophisticated systems, and tap into unlimited possibilities. Whether you’re a novice or a pro, we highly recommend you learn how to move a Joomla Site from HTTP to HTTPS. And here’s why:

In today’s online environment securing websites with an SSL Certificate has become a necessity, and Joomla sites are no exception.

Adding an SSL Certificate to your website, and subsequently moving it from HTTP to HTTPS is a multi-step process. First, you need to buy the right SSL product for your site, then install it on your server, and only afterward perform the switch to HTTPS.

In this article, we discuss the last step and for it to work, you must have the SSL Certificate properly configured on your server. If you’re new to SSL Certificates, our blog and FAQ section are packed with useful guides and tutorials to get you started. Here are just a few of them:

A technical overview of how SSL certificates work
How to choose the best SSL certificate for your website?
Why is an SSL Certificate important for your online store?
7 Reasons Why You Should Get an SSL Certificate for Your Blog
SSL Wizard- Choose the right SSL for your website
How can I install an SSL Certificate?

Assuming that you’ve already bought a certificate and successfully installed it, at this point you should be all set to move a Joomla site from HTTP to HTTPS. Double-checking on your SSL server configuration is never a bad idea, so use this highly effective SSL toolkit to test your SSL installation. If you don’t find errors, proceed to the first step of the HTTPS transition.

Enable Force HTTPS/SSL on your Joomla site

Log into your Joomla backend, navigate to System > Configuration. On the Server tab, select the “Entire Site” next to the “Force HTTPS” option. Save your new setting before exiting.

Configure your configuration.php file

Use your cPanel, or an FTP client such as FileZilla to locate the configuration.php file in the root directory of your Joomla. Open the file with a text editor and find the following line:

var $live_site =”;

Replace it with:

var $live_site = ‘’;

Create 301-redirects to HTTPS

Change all existing URLS from HTTP to HTTPS version, to protect your SEO rankings, and let search engines update the index for your site as soon as possible. You can do this via a Joomla plugin, or manually in your .htaccess file. Add the following code to the bottom of the file.

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]

Avoid Mixed Content

All your content should be served over HTTPS. This includes images, video files, javascript, CSS, and so on. Make sure that you load your images relative to the site root, and change the absolute URLs if such exist. Scan your theme’s code for potential HTTP links, and change them to HTTPS. Even one forgotten HTTP resource somewhere in your code may generate an SSL warning from the browser. Here’s how to fix mixed content and prevent SSL errors.

Update your sitemap and robots.txt

Updated your XML sitemap with the latest HTTPS links and send it to Google webmaster tools. Use Robots.txt file to control which pages will be crawled and indexed.

Finally, keep monitoring your website for potential issues that may emerge after a while. Usually, the steps we’ve listed above are enough to move a Joomla site from HTTP to HTTPS, but more complex websites may require custom tweaks from a professional developer.