Once an SSL certificate is active, the web server should force all legacy HTTP traffic to secure channels. This is typically done via a .htaccess file on Apache or a server block definition in Nginx: