Here’s a simple solution to setup WordPress HTTPS without any third party plugin:

    1. Install your SSL certificate. Most cases your host provider has free SSL so you can activate in your cpanel.
    2. Update your website’s address. Replace http:// with https:// in WordPress Settings/General menu.
    3. Editing your .htaccess file. Navigate to public_html folder to edit your .htaccess file. Insert this rules into your file, and save:
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    1. Fixing mixed content warnings. If you get mixed contet warning message from your browser add this line to the top of your .htaccess file:
Header always set Content-Security-Policy: upgrade-insecure-requests
  1. Done. Now your site use HTTPS protocol.