Joomla and SSL for Secure Transaction


Among all of the content management systems out there, Joomla is at the top of the list for e-commerce applications. You already know why if you use it. That said, any website owner utilizing Joomla for e-commerce should also be using Secure Socket Layer (SSL) protocols. Implementing SSL is easy with the built in ‘Force SSL’ feature.

Before we get to the details, let us talk about what SSL is and why you need it. SSL is an encryption method that allows you to securely send data from your website to a customer or third party. The benefits of encryption should be obvious in a day and age where hackers are very adept at stealing identities. SSL is older than its Transport Layer Security (TLS) counterpart, but quite effective nonetheless.

A site utilizing SSL is easily identifiable by looking at the address in your web browser’s navigation pane. A secure site will begin with ‘https’ rather than ‘http’. Bringing up such a page requires the web browser to negotiate with the server it is accessing in order to exchange certificates of authenticity. If all is in order, the data can be shared.

Preparing for SSL in Joomla

To implement SSL on your website, you will need to start by contacting your web host provider to obtain a valid SSL certificate. Hosting companies charge for these certificates, but the cost is usually nominal. Your provider can issue you a certificate and install it on your website for you. They will provide you with a dedicated IP address associated with that certificate.


The next step is to configure your website by opening the ‘configuration.php’ file within your Joomla directory. Scroll until you find the following line:


var $live_site =”;


Replace it with:


var $live_site = ‘’;


The next step is to open the ‘.htaccess’ file and paste the following text at the end:


RewriteEngine On

RewriteCond %{HTTPS} OFF

RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}


You will probably find it a lot easier if you use an FTP program or the file manager within your control panel to download these two files to your computer before editing. As always, make backup copies before making any changes. This way, you still have the originals if something goes wrong.


Enable Force SSL in Joomla


The final step of the process is to enable Force SSL on your website. This is as simple as going to the Global Configuration page and clicking on the Server Settings tab. You will have three choices; choose ‘entire site’ to enable SSL across every page of your website.


That’s all there is to it! Once you save your changes, you should see the ‘https’ protocol on reload. If not, you might want to go back to the start of this tutorial and try again. You can probably also ask your web host provider for help if you just cannot get it to work.


One last thing to consider is that there are multiple kinds of security certificates you can purchase. If you are new to Joomla and SSL, spend the least amount of money upfront. Learn how it works and how you benefit before investing in top-of-the-line certificates. Depending on your e-commerce set up, you may not need anything more than a basic certificate anyway.

Our Recommended Joomla! Web Hosting Provider


Get a 45% Discount by using our link.


A popular Canadian web host which offers a one-click Joomla installation option through the included control panel (cPanel). HostPapa is our recommendation to host a Joomla website.

Leave a Reply

Your email address will not be published. Required fields are marked *