Moving the site to https provides protection against attacks based on sniffing the network connection

You need to log in to the admin panel of the site using a link like, then go to System - General Settings


Then click the Server tab, under Enable SSL select Whole site and save.


First, you'll need to purchase an SSL certificate and install it.

Changes in configuration.php

Open file configuration.php in the root folder of the site (by FTP or through the file manager on your hosting panel) and find the line with the parameter $live_site. In this line write the name of your site with https:

public $live_site = '';  

Save your changes.

You may have the ability to write to the configuration file disabled for security reasons. Then you need to set permissions 644 for it before you start editing.

Changes in .htaccess*

Set redirection of all visitors to HTTPS by adding lines in .htaccess file:

RewriteEngine On  
RewriteCond %{HTTPS} OFF  
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}  

Fixing problems after switching to HTTPS

If the site does not display correctly after performing the above steps, or if you see mixed content errors in the browser console, try the following:

Add at the end of configuration.php a line

$_SERVER['HTTPS'] = 'on';

After each configuration update this line will be overwritten, so you will need to add it again.

Add lines in .htaccess:

RewriteCond %{HTTP:X-HTTPS} ^1$  
RewriteRule .? - [E=HTTPS:on]  

Components like VirtueMart have their own settings for enabling https in their settings
For VirtueMart, go to Components → VirtueMart → Settings → Store and turn on the Enable SSL option for important parts of the site.
Fix the remaining links manually. You can see which elements are loaded via http in the browser console.


If you have configuration difficulties or have additional questions, you can always contact our support team via ticket system.

Updated April 22, 2020