This easy Apache config file change works on all Apache servers and there is zero cost or maintenance.
This simple addition to your websites .htaccess file will redirect all traffic heading to your site as insecure HTTP to secure HTTPS with a 301 (permanent) redirect. We use this on our WordPress sites running Apache. I prefer this method over using a WordPress plugin as there is no overhead, nothing to install and nothing to maintain.
Make sure you can get back into your site and update your .htaccess file if you break something. It is a good idea to make a copy of this file before modifying it.
# BEGIN MyCode
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
# END MyCode