Solve the WordPress SSL 500 Error

A common issue when first using WordPress with a SSL certificate is that when trying to access any page or post via HTTPs, a 500 internal error is returned. This can be incredible frustrating to resolve. You may read online how changes need to be made to your .htaccess file, how you need to add various constants to your wp-config.php file or how you should be using a certain plugin.

If you’re using cPanel however there is an often simple fix available; some hosts enable ModSecurity on their VPS or shared hosting packages and this may well cause the internal errors when attempting to deliver your website over HTTPs. Quite simply turning off ModSecurity in cPanel will fix the problem.

ModSecurity is a web application firewall that provides various security for your website. Turning this off will reduce your website security. If you use CloudFlare (or Incapsula, Akamai Cloud Security or similar) then you are probably adequately secured so can turn off ModSecurity without reducing your security. If you don’t use CloudFlare then now is a good time to get an account and start to get the security benefits of CloudFlare.