After installing an SSL certificate, visitors may still be able to access your website using the unsecured HTTP version of your website address.
Forcing HTTPS ensures that all visitors automatically use the secure version of your website.
This guide explains how to enable HTTPS redirects in DirectAdmin.
What Is HTTPS?
HTTPS is the secure version of a website address.
Instead of: http://yourdomain.co.za
your website will use: https://yourdomain.co.za
The padlock icon displayed by your browser indicates that your connection to the website is encrypted and secure.
Why Force HTTPS?
Forcing HTTPS helps:
- Improve website security
- Protect visitor information
- Improve SEO rankings
- Eliminate duplicate website addresses
- Increase visitor trust
Modern browsers also warn visitors when websites do not use HTTPS.
Before You Start
Before enabling HTTPS redirects, make sure:
- An SSL certificate is installed and working correctly
- Your website loads successfully using HTTPS
- You can log into DirectAdmin
If you have not installed SSL yet, please see:
- How to Enable a Free SSL Certificate Using Let’s Encrypt
Test HTTPS First
Before forcing redirects, open: https://yourdomain.co.za
(Replace yourdomain.co.za with your own domain name.)
If the website loads successfully and displays a padlock icon, you are ready to continue.
How to Force HTTPS Redirects
Step 1 — Log Into DirectAdmin
Open your browser and visit: https://cp.yourdomain.co.za (Replace yourdomain.co.za with your own domain name)
Enter your hosting username and password.
Step 2 — Open Domain Setup
From the DirectAdmin dashboard:
Click: Account Manager
Then click: Site Redirect
Step 3 — Select Your Domain
Click the domain name you wish to manage from the domain selector on the top right of the window..
Example: yourdomain.co.za
Step 4 — Enable SSL Redirect
Click: Add new Redirect
Select the type of redirect, ie 302 temporary, or 301 permanent.
Enter the https://yourdomain.co.za
Click: Create
Testing the Redirect
After enabling HTTPS redirection, visit:
http://yourdomain.co.za
You should automatically be redirected to:
https://yourdomain.co.za
Common Benefits of HTTPS Redirects
Improved Security
All visitor traffic is encrypted automatically.
Better SEO
Search engines prefer secure HTTPS websites.
Redirecting visitors to HTTPS helps avoid duplicate content issues and consolidates ranking signals.
Professional Appearance
Visitors will see a secure padlock icon rather than browser security warnings.
Improved Customer Trust
Secure websites help build confidence with visitors and customers.
Important Notes
SSL Must Be Working First
Do not enable HTTPS redirects before confirming that your SSL certificate is installed and functioning correctly.
Subdomains May Need Separate SSL Certificates
If you use: blog.yourdomain.co.za or shop.yourdomain.co.za
those subdomains may require their own SSL certificates unless you have enabled a wilcard SSL certificate on the primary domain..
Website Caching May Delay Changes
Some browsers and caching systems may temporarily display old versions of pages.
Troubleshooting
Website Shows SSL Warning
Check:
- SSL certificate installed correctly
- certificate has not expired
- domain name matches the certificate
Redirect Not Working
Verify:
- HTTPS loads correctly
- redirect option enabled
- settings saved successfully
Website Redirect Loop
A redirect loop can occur when:
- multiple redirect rules conflict
- plugins force HTTPS incorrectly
- .htaccess rules conflict with DirectAdmin settings
Review existing redirect settings carefully.
Mixed Content Warnings
This happens when a secure page loads content using HTTP.
Examples:
- images
- scripts
- CSS files
Update old HTTP links to HTTPS.
Helpful Tips
Always Use HTTPS
New websites should always use HTTPS from the start.
Update Website Settings
For WordPress websites, ensure the WordPress Address and Site Address also use HTTPS.
Test After Changes
Check:
- homepage
- contact forms
- images
- login pages
after enabling redirects.
Security Tips
- Keep SSL certificates active
- Force HTTPS on all websites
- Keep WordPress updated
- Remove outdated plugins
- Monitor website security regularly


