Using HTTPS instead of HTTP means that communications between your browser and a website is encrypted via the use of an SSL (Secure Socket Layer). Even if your website doesn’t handle sensitive data, it’s a good idea to make sure your website loads securely over HTTPS. It’s now becoming a requirement for many new browser features as well as potentially having an impact on search engine rankings.

To make sure your website loads securely, you need to make sure that it is prefixed with HTTPS instead of HTTP. This can be done in a few different ways. Outlined below are the most common ways to do this.

Use the Force HTTPS tool

1. Login to your control panel and head to Manage Hosting and select Manage on the package you want to force HTTPS for.
2. Select the SSL/TLS icon.
3. Select Enable Force HTTPS. This will redirect website users to HTTPS. As long as the website has an SSL certificate and all content loads via HTTPS, the site should show as secure.

Using a .htaccess file

Another way that has the potential for more specific configuration is to use a .htaccess file rule. If you don’t have a .htaccess file, you can create one via FTP or File Manager and then add the code:

RewriteEngine On
RewriteCond %{env:HTTPS} !on
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

If you already have a .htaccess file then make sure you don’t duplicate the line:  RewriteEngine On

If after enabling force HTTPS the website shows insecure, then you’ll need to make sure that:

1. You have an SSL certificate on the site
2. You don’t have mixed content.