In the .htaccess file add the following and replace the domain with your actual domain name:
#If the page is NOT secure, and the request URI is supposed to be a secure page, then redirect to a secure page
RewriteCond %{SERVER_PORT} 80 [OR]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://www.domain.com/$1 [R=permanent,L,NC]
RewriteCond %{SERVER_PORT} 80 [OR]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://www.domain.com/$1 [R=permanent,L,NC]
