You have set up your Magento site to use HTTPS, but users can still visit your site through non-secure URLs. To force HTTPS on all of the pages on your frontend, follow these below steps.
In Magento 1:
- Log in your Magento backend. Go to System > Configuration.
- Under General section, select Web. Then, in the Secure section, change the Base URL to https://yourdomain.com/
- Change the value of Use Secure URLs in Frontend and Use Secure URLs in Admin options to Yes. Then click Save Config.
- Clear Magento cache.
In Magento 2:
- Log in your Magento backend. Go to Stores > Settings > Configuration.
- Under General section, select Web. Then, in the Base URLs (Secure) section, change the Secure Base URL to https://yourdomain.com/
- Change the value of Use Secure URLs on Storefront and Use Secure URLs in Admin options to Yes. Then click Save Config.
- Clear Magento cache.
Hope that helps!
