Force SSL
There are a few ways to force users to the secure (HTTPS) version of your site. All require the use of a .htaccess file. The method to use depends on your hosting company. It is safe to try all to see which works.
Method 1:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
Method 2:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
Method 3:
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]