How To Force SSL In Joomla
There are two methods which you can utilise to force HTTPS in Joomla - we recommend using the first method and updating it in your Joomla Administration page.Using Joomla Admin
Step 1 - Login to your Joomla administrator area
Step 2 - Click on Global Configuration
Step 3 - Click on (1) Server, (2) drop down the menu for Force HTTPS, (3) Select Entire Site.
Using File Manager
Forcing SSL in Joomla requires editing 2 files. You can do this either using FTP or the cPanel File Manager (click here for a guide on using this tool). Both files are located in the root folder (usually called public_html)
Step 1 - The configuration.php file
Find the line that says $live_site = '';
Between the quotes, add your domain name, including the ssl portion
Make sure to save the file once you've done this.
Step 2 - The .htaccess file (it's hidden by default, click here for a guide on editing it)
NOTE: By default, the htaccess file in Joomla is named htaccess.txt. To enable this file, rename it to .htaccess
You need to add this code to the top of the file
RewriteEngine On
RewriteCond %{HTTPS} OFF
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
The page should look like this
Once those 2 things are done, SSL should be forced by default for all pages on your Joomla site.
