Title: Can Wordfence force https or is another plugin required? Last modified: January 5, 2017 --- # Can Wordfence force https or is another plugin required? * [pcskibum](https://wordpress.org/support/users/pcskibum/) * (@pcskibum) * [9 years, 4 months ago](https://wordpress.org/support/topic/can-wordfence-force-https-or-is-another-plugin-required/) * Setting up a new WordPress site and trying to limit the number of plugins required. Wordfence covers a lot of issues, but I can’t find an option to force SSL, either on the admin pages only, or on the whole site. * Does Wordfence offer an option for that in either the free or paid version? If not, which plugin is recommended to play nicely with Wordfence? Viewing 5 replies - 1 through 5 (of 5 total) * [mountainguy2](https://wordpress.org/support/users/mountainguy2/) * (@mountainguy2) * [9 years, 4 months ago](https://wordpress.org/support/topic/can-wordfence-force-https-or-is-another-plugin-required/#post-8626378) * I’ve never heard of anything like that in Wordfence, nor seen it. Agree that the “yet another plugin, sigh” syndrome is best avoided like the plague. * You might talk to your ISP about what is really required for your SSL, as well as being sure you change settings in the WordPress admin. In my case, all I have to do (along with changing URL to https in WordPress admin, is keep the following in my .htaccess file, nothing more, no plugins. * RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ [https://www.yourwebsite.com/$1](https://www.yourwebsite.com/$1)[ R=301,L] * Easy to test. * MTN * [wfasa](https://wordpress.org/support/users/wfasa/) * (@wfasa) * [9 years, 4 months ago](https://wordpress.org/support/topic/can-wordfence-force-https-or-is-another-plugin-required/#post-8637543) * Hi pcskibum, I would agree with mountainguy2 that the correct way to go about this is to redirect all http traffic to https via .htaccess. Then you will not risk getting in to any conflicts with plugins. * [Stratosphere](https://wordpress.org/support/users/stratosphere/) * (@stratosphere) * [9 years, 4 months ago](https://wordpress.org/support/topic/can-wordfence-force-https-or-is-another-plugin-required/#post-8638395) * Don’t you have to buy a SSL certificate with your domain registrar first? I think it’s an additional 11 bucks/a year. * [wfasa](https://wordpress.org/support/users/wfasa/) * (@wfasa) * [9 years, 4 months ago](https://wordpress.org/support/topic/can-wordfence-force-https-or-is-another-plugin-required/#post-8639714) * Yes, you need an SSL certificate to use SSL on your website. Usually it’s easiest if you ask your host to set it up for you. * [rstoeber](https://wordpress.org/support/users/rstoeber/) * (@rstoeber) * [9 years, 4 months ago](https://wordpress.org/support/topic/can-wordfence-force-https-or-is-another-plugin-required/#post-8639817) * Thanks for the advice everyone. I did update the .htaccess file as you suggest and it seems to work perfectly. That’s even easier than installing another plugin. * We already had the SSL certificate so that’s not a problem. By the way, we have been using the free certificates from Let’s Encrypt ([https://letsencrypt.org/](https://letsencrypt.org/)) and they work great. And they’re free. Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘Can Wordfence force https or is another plugin required?’ is closed to new replies. * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865) * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/) * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq) * [Support Threads](https://wordpress.org/support/plugin/wordfence/) * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/) ## Tags * [ssl https](https://wordpress.org/support/topic-tag/ssl-https/) * 5 replies * 5 participants * Last reply from: [rstoeber](https://wordpress.org/support/users/rstoeber/) * Last activity: [9 years, 4 months ago](https://wordpress.org/support/topic/can-wordfence-force-https-or-is-another-plugin-required/#post-8639817) * Status: not resolved