In order to use the HTTPS protocol on a website, it is necessary to have an SSL certificate installed on the web hosting.
If you have a security certificate and want to configure HTTPS on your website, but it still delivers content via HTTP (insecure), you can force the use of HTTPS by modifying the .htaccess file.
The .htaccess file can be uploaded via FTP and must be placed in the directory where you want the changes to take effect.
You need to add the following rules to force the use of HTTPS via .htaccess:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Note that this rule does not apply to websites built with WordPress. The CMS handles permanent links differently.