There are a few ways to force users to the secure (HTTPS) version of your site. All require the use of a .htaccess file. The method to use depends on your hosting company. It is safe to try all to see which works.

Method 1:

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]

Method 2:

RewriteEngine On 
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]

Method 3:

RewriteEngine On
RewriteCond %{HTTPS} off [OR] 
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]