InMotion Hosting Support Center

Another Joomla 3.0 Server Setting that is available is Force SSL.

Description of the Force SSL Option Available Options for Force SSL

Force SSL
Force site access to always occur under SSL (https) for selected areas. You will not be able to access selected areas under non-ssl. Note, you must have SSL enabled on your server to utilise this option.

  • None
  • Administrator Only
  • Entire Site

As the options imply, you can force SSL for either your entire website, or only for your /administrator pages.


To set the Force SSL option in Joomla 3.0

  1. Log into your Joomla 3.0 Admin Dashboard
  2. In the left menu, click the Global Configuration link
  3. There will be several tabs at the top of the page. Click the Server tab.
  4. Under the Server Settings heading, find the option labeled Force SSL. Use the drop down menu to the right of the setting to select the option you want, and then click the Save button in the top left of the page.

    Please note!
    If you don't have SSL enabled for your domain name, you will immediately get an error upon saving. This potentially can lock you out of your website! To fix this issue, continue reading.


What to do if you're locked out of Joomla 3.0 because of this SSL Setting?

If you enabled the Force SSL option, and you've become locked out of your website, follow these steps to restore the normal, non-ssl setting.

  1. Open for edit the Joomla 3.0 configuration.php file
  2. Find a line that looks similar to this:
    public $force_ssl = '2';
    Change this setting so that it has a value of 0, as in:
    public $force_ssl = '0';
    Save the changes to the file. You should be able to access your site once again.

    Please note!
    If you have any trouble changing the settings to the file, the file may not have any write permissions, so the file's permissions may need to be updated.

Was this article helpful?
Continued Education in Course 206: Configuring Server Settings in Joomla 3
You are viewing Section 4: How to Force SSL in Joomla 3.1
Section 3: Joomla 3.1 Error Reporting
Section 5: Joomla 3.1 Server TimeZone

Joomla Community Google+ Hangout #3

June 3rd, 2014

Thank you @RustyJoomla for letting me speak on the Joomla Community Google+ Hangout!

Click here to watch!

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Forum Login

You are NOT logged in. You can still browse our Support Center.

To participate within our Community Support Forum:

n/a Points
2017-02-17 5:27 pm

I accidently set the force ssl for admin only and now get an error message and cant log in i tried the steps above but i am still unable to get to my admin login page any ideas?

2,858 Points
2017-02-17 6:34 pm
Jamie, I can think of a few options for this. You can create a self-signed SSL and install it, and then accept the certificate as an exception in your web browser, and then login and disable the force SSL option in your Joomla! Alternatively, you can edit your <span class="strong">configuration.php</span> file, and change the value for <span class="strong">force_ssl</span> to '0'
n/a Points
2016-12-23 3:48 am

Thanks a bunch for this one, Brad Markle! Saved me from a lot of pain. LOL

2,858 Points
2016-12-23 10:52 am
Mr_write, I'm glad we were able to assist you!
n/a Points
2016-05-19 7:22 am

Ok i found the good wayActive SSL with host.All path SSL with host.Add a plugin SSL redirection, joomla like it.All work, but, not the http://domain/administratorFUCK ! Not Found the good way ... Waiting ...The plugin have a update ... ! NICE ALL Work.I have say my problem, and, the Plugin Team have patch it.SSL GREEN. Resolved.

n/a Points
2016-05-03 5:20 pm

hi, i have a redirection https with my hébergeur.All work good, only 2 problem- I don't have acces to https://domain/administrator login not work.-> m'y last link http://  no redirection only for this is  http://domain/administrator/index.php and i can login.The last http:// link, why ? and how i can secure this link ?I have not active SSL for all joomla, because the " hébergeur " option make SSL redirection for my site, it's my mean.Login https front work good.I have the second probleme to front end : I can't edit article.https://path/article#give page 404

11,043 Points
2016-05-04 8:05 am
I advise you reset your Joomla password for the administrator area. Once you have access you can secure the index.php file with an .htaccess password.
n/a Points
2016-04-10 12:30 am

This did absolutly nothing to my site I want to go back to http:// but i cant do that either

43,761 Points
2016-04-11 3:20 pm
What changes were you expecting to see on your site that you did not?
To go back to http, just set the setting as: public $force_ssl = '2';
n/a Points
2015-03-30 9:27 am


I changed the settings to force ssl for the entire site because I've set up a site that I am only going to use for a secure online bill pay form that collects sensitive data and sends it on to a banking company. When I changed the ssl setting within Joomla, it did force ssl for the default home page, so that when I type the url into the address bar w/o 'https:', it forces it to use the https. But the bill pay page form doesn't do that, even though it's within the site. I uploaded the bill pay pages into the file manager within CPanel, but it is all part of the same site so I'm not sure why Joomla isn't forcing https on the bill pay form.

Any ideas?


43,761 Points
2015-03-30 10:27 am
Hello Goldie,

Have you checked the configuration.php file and ensured the setting is as follows:

public $force_ssl = '2';

Kindest Regards,
Scott M
n/a Points
2015-03-30 10:43 am

Hi Scott,

Thanks for the quick reply. I checked in configuration.php and it does have public $force_ssl='2'.

Maybe I can set up that direct link to the non-secure form to redirect to one of the default site error pages?


43,761 Points
2015-03-30 10:51 am
Hello Goldie,

That setting should redirect the entire site to SSL, including the payment area. Do you see anything else in the configuration file that specifically references http://? Also, does it help if you toggle the settings? (Turn off, save, and then tun it back on). Lastly, can you see anything odd in the .htaccess file referencing http: and https:?

Kindest Regards,
Scott M
n/a Points
2014-09-23 10:28 am

Hi John-Paul,  thank you for your answer. 

Here are some more details.

This is the address of the website:

The problem comes from the menu - Darshan (requires flash)

The images are called from a directory within the domain but they've been imported from a site that prepared the flash images from images that I have submitted.

The slideshow is a flash item that calls the flash images  that are within the same directory.  So I cannot call them  independently with an HTTPS prefix.

I hope that what I'm saying makes some sense to you.





11,186 Points
2014-09-23 11:01 am
Until those elements are called using HTTPS, this warning will persist. The only way to remove the warning within the user's browser is the obtain them directly using HTTPS.
n/a Points
2014-09-23 9:43 am


I have enabled SSL for the entire site.  Still, when I access a particular menu where some flash items can be played, my browser indicates that some images are not secured although they are integrated in the domain file system.  I've tried to integrate a .htaccess file within the particular directory where the images are located but to no avail.  Is there a solution to this?


31,595 Points
2014-09-23 9:58 am
Hello Gaetan,

Thank you for your question. We are happy to help but will need some additional information.

Are you calling in images from another website?

Can you provide a link to the problem?

Since a single image called in without "https" can break the security of the SSL, sites such as can list all insecure images.

If you have any further questions, feel free to post them below.

Thank you,
n/a Points
2014-04-18 9:00 am

I am not 100% on this but I assume that a value of 0 = none, 1 = Administrator Only, and 2 = Entire site.


11,186 Points
2014-04-18 9:31 am
Yes, that is indeed correct.

Post a Comment

Email Address:
Phone Number:

Please note: Your name and comment will be displayed, but we will not show your email address.

20 Questions & Comments

Post a comment

Back to first comment | top

Need more Help?


Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail:
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!