How Can We Help?
HTTPS & Transport
WARNING: Enabling this setting creates an HTTPS redirect through a must-use plugin. Verify that the site already has a valid TLS certificate and that all intended front-end and admin URLs work over HTTPS before enabling it.
Description of the control
Use this control to force all front-end and WordPress admin requests to HTTPS. This helps keep cookies, uploads, and authenticated sessions on encrypted transport.
Procedure
- Open Posture Management.
- Select Transport & Browser Security.
- In the HTTPS & Transport card, locate Enforce HTTPS (front-end & admin).
- Review the help text that states the setting will Redirect all HTTP requests to HTTPS using a must-use plugin.
- Confirm that the /wp-content/mu-plugins/ directory is writable.
- Enable Enable redirect.
- Select Save Transport & Browser Settings.
Validation
Confirm that visiting an HTTP URL for the site redirects to the HTTPS version. Test both a front-end page and a WordPress admin URL and verify they load over HTTPS after the setting is saved.