How to enable SSL/HTTPS on a Joomla site

SSL stands for Secure Sockets Layer, it is a security protocol that transmits private data across your Joomla site to the encrypted format. Accordingly, connections to/within your site will be on the secure https protocol instead of the standard http prefix.

If your site doesn't have a SSL certificate, you should seriously consider getting one in the near future. An SSL can help protect your customers' data, and it may well give you a ranking boost in Google's search results.

You normally purchase a SSL Certificate from the company you are hosting your website with. Web hosts charge you an additional yearly fee for Certificates and normally you pay up front for a yearly SSL certificate. Once paid and activated on your account, your host will advise you when the SSL Certificate is ready to be activated on your website.

Steps to Enable your SSL Certificate in your Joomla site

Step 1:

Configure your configuration.php file

Now, you have SSL enabled in your Joomla, but if visitors continue to use HTTP protocol to visit your site, they will not be automatically redirected to HTTPS. You will need to add some tweaks to your Joomla files.

In the root directory of your Joomla, you will find the configuration.php file. Open this file using a text editor and replace the following line:

var $live_site ='';

Replace with:

var $live_site = 'https://www.your-domain.com';


Step 2:

Configure your ,htaccess file

In the same root directory, you will find the .htaccess file. Using a text editor add these lines at the bottom of the file:

RewriteEngine On
RewriteCond %{HTTPS} OFF
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}>


Step 3:

Enable Force SSL in your Joomla site

Access your backend Global Configuration setting. From the Server tab, in the Server Settings section, there are 3 Force SSL alternatives that you can select:

  • None: SSL will not be enabled in your Joomla site.
  • Administrator Only: connections to your administrator will be on HTTPS.
  • Entire Site: connections all over your website will be on HTTPS.

Select the Entire Site Setting. Hit the Apply/Save button.

  • You now have your SSL Certificate activated on your website and this will change your website’s prefix from http to https.
  • You will also see a small green lock to signify that your website is secure.

Please make note: You still have to setup the SSL certificate to work on Virtuemart. To do this access the backend of the VM configuration -> Shop (tab) –> Enable SSL for sensitive areas [x] – turn on.