Opencart 3 SSL – Force HTTPS Everywhere + Advanced HSTS Security


This Opencart extension provides forced SSL https:// support for your storefronts and admin.


HTTPS Everywhere for Opencart 3+:

✔ Force Opencart 3 SSL Admin & Storefronts

✔ Increase SEO Ranking Power

✔ Eliminate Duplicate Insecure URL’s

✔ Increase Customer Trust & Security

✔ Protect Sensitive Data & API’s

✔ Repair Mixed/Insecure Content

✔ Secure Media & Links

✔ Compatible with Opencart 3+

✔ And more…


Opencart 3 HTTPS everywhere is an extension that will force SSL on admin, storefronts, media, urls, and more. Using forced SSL everywhere not only increases security by encrypting incoming/outgoing traffic, it also increases Opencart 3 SEO power by providing full 301 HTTPS ranking signals. With an SSL secured Opencart, customers feel more trust, hack/exploit/mitm attempts are reduced, and Google is happy to rank your storefronts.

This OCMOD extension is production ready, and has been tested to work great with the latest Opencart 3+. Our work is based on the original HTTPS Everywhere codebase we designed for versions 1.5.5 to, which still powers many production storefronts. The latest HTTPS everywhere for Opencart 3+ uses the same vetted code, but has been optimized with performance, efficiency, and ease of use in mind.


  • Compatible with Opencart 3+, redesigned for performance and ease of use.
  • Opencart 3 HTTPS Everywhere integration that Google SEO ranking algorithms can understand.
  • Opencart 3 SSL secures and protects by encrypting data sent/received to you & your customers.
  • Enables on-demand Opencart forced SSL admin & catalog multi-stores for a secure frontend.
  • Setting SEO 301 HTTPS redirect avoids duplicate Opencart content issues.
  • Setting HSTS 307 HTTPS redirect enforces a modern Opencart SSL security policy.
  • Includes Opencart SSL repairs for existing media, content, and more.
  • Includes Opencart SSL repairs for admin file manager media inclusions.
  • Includes Opencart SSL repairs for menus, lists, and $this->url->link() internal code.
  • Recursive measures to solve all SSL issues in all API/Extensions with HSTS.
  • Single OCMOD file, no core files included or overwritten.
  • Starts when Opencart loads the encryption library, for maximum protection.
  • Production ready codebase, updated & optimized since 2014.
  • Multistore compatible. Works with all extensions.
  • No license codes (subject to change).
  • Made in the USA.


  • Opencart version 3+ (or check out Opencart 1.5.5+ SSL Everywhere)
  • A fully functional SSL certificate for every domain you need to secure
  • Optional Cloudflare frontend to protect & hide your server
  • Patience, sometimes SSL doesnt act as expected in all environments. Please contact us at [email protected] with any emergencies/issues/requests. Store/FTP/settings access may be required in certain circumstances.


General & advanced SSL settings are available per-storefront by visiting System > Settings, then using the new “SSL” tab. To adjust admin SSL settings, please visit the “Default” storefront “SSL” tab.

SSL Storefront 301 Demo:

Demo 301 Storefront –

SSL + HSTS Storefront 307 Demo:

Demo 307 Storefront –

SSL Admin Demo:

Demo Admin –

Login: demo | password123


* Please note, our demos may be periodically reset or unavailable. No orders, contact, or otherwise logistical interactions will be processed. Demo admin may be limited or unavailable in certain circumstances. If you require an extended demo or more admin permissions, please contact us at [email protected]

Additional information





There are no reviews yet.

Only logged in customers who have purchased this product may leave a review.