how to force https on media library


I forced https on admin page and would like to force https on media library but keep http on front end page and don t find how to do without using a complex plugin. Is there a simple way to oblige https for all files in wp-content ?

Thank you


  • aristath
    • Recruit

    Hello again @ludovic, I hope you’re well today!

    If you don’t want to use https for your site’s frontend then I’m afraid that no, there’s no easy way to do what you want.

    And I’m not sure it would be a good thing either… Why don’t you simply use https for your whole frontend instead??



  • Ludovic
    • Site Builder, Child of Zeus


    I need https on back end to run some plugins due to privacy and security need but want front end http because i m on multisite and want to have internet address .com for each MU so i will get warning message because certificate is for main site (don’t want to buy heaps certificate).

    Is there a complex way?

    • The Bug Hunter

    Hey @ludovic

    Just wanted to make sure you know that the setting to force HTTPS for frontend located at network admin > settings > domain mapping is only for the primary site?

    The setting to use HTTP/HTTPS for mapped addresses is a drop-down menu in the subsite’s admin > tools > domain mapping – where you type in the desired URL, just click on the protocol (where it says http://) and you’ll see the drop-down selection for HTTPS.

    Do you have login & admin set to be at ‘original’ address?

    A screenshot of your present settings might help staff diagnose :slight_smile:

    Hope this can be helpful.

    Cheers, Max

  • aristath
    • Recruit

    Hello again!

    The below code is untested but it should work…

    This will attempt to rewrite all URLs for pdf files to use https.

    RewriteRule ([^/]+).pdf$ - [E=FILENAME:$1]
    <FilesMatch ".pdf$">
    RewriteCond %{HTTPS} !=on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    You could try using something like that in your .htaccess file for pdfs, png, jpg, jpeg, gif and so on.

    I hope that helps!



  • Ludovic
    • Site Builder, Child of Zeus


    It didn’t work. But I finally found a simple solution. Just to paste that in function.php :

    function have_https_for_media( $url ) {

    if ( is_ssl() )
    $url = str_replace( 'http://', 'https://', $url );
    return $url;

    add_filter( 'wp_get_attachment_url', 'have_https_for_media' );

    It works, for the moment and all media files are with https.

    • The Bug Hunter

    Hey @aristath and @ludovic

    I tried both of your solutions, and neither worked for me as-is…

    I’d prefer an htaccess approach over a using str_replace but didn’t fiddle with it further than adapting for .jpg

    I’d like to check with you both about my solution:

    I simply changed SITEURL in wp_#_options to https

    (leaving HOME at http – or else breaks domain mapping to http frontend)

    Is this sensible?

    I’ve thought of this for many things, and it certainly seems to fix the media upload url issue w/o breaking anything obvious in domain mapping to http frontend like

    Thoughts? I’m hoping this is workable but figure there are probably 1,001 possible reasons it will not… :slight_smile:



  • Tyler Postle
    • CGO

    Hey Max,

    Hope you’re doing well!

    if it hasn’t broken anything yet, that’s a good sign :slight_smile:

    If it does break anything you can simply switch it back. I can’t think of something that it would break off hand, but be worth keeping a close eye on.

    For securing insecure links, I usually just use this plugin here:

    It’s worked well for me in the past :slight_smile:

    Look forward to hearing back!

    All the best,


Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.