How to Force HTTPS using .htaccess (Updated 2024)

An SSL certificate enables your website to be accessible via HTTP and HTTPS protocols. However, you should only use the latter as the latter encrypts and protects your website’s data. You can also force HTTPS connection with the .htaccess file if your hosting provider doesn’t allow you to do so in one click. This article will show you how.

Forcing HTTPS on All Traffic

With .htaccess, you can perform many functions including 301 redirects, which replace an old URL with a new one. You can enable HTTPS to be forced on all incoming traffic by following these steps:

  1. Navigate to the File Manager in your hosting panel and open the .htaccess file in the public_html folder. If you can’t find it, make sure to create it or unhide it.
  2. Scroll down to find RewriteEngine On, and type the following code underneath it:
RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

3. Save your changes.

IMPORTANT

Make sure that the line RewriteEngine On is not repeated twice. In case the line already exists, simply copy the rest of the code without it.

Forcing HTTPS on a Specific Domain

Let’s say that you have two domains: http://yourdomain1.com and http://yourdomain2.com. Both domains access the same website, but you only want the first one to be redirected to the HTTPS version. In this case, you need to use the following code:

RewriteEngine On 
RewriteCond %{HTTP_HOST} ^yourdomain1.com [NC] 
RewriteCond %{HTTPS} off 
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Make sure to replace yourdomain1 with the actual domain you’re trying to force HTTPS on.

Forcing HTTPS on a Specific Folder

The .htaccess file can also be used to force HTTPS on specific folders. However, the file should be placed in the folder that will have the HTTPS connection.

RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule ^(folder1|folder2|folder3) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Make sure to change the folder references to the actual directory names.

After making the changes, clear your browser’s cache and try to connect to your site via HTTP. If everything was added correctly, the browser will redirect you to the HTTPS version.

Conclusion

Congratulations! you have successfully edited your .htaccess file and redirected all HTTP traffic to HTTPS, the safe version of your website. Depending on the platform where you developed your website, there could be alternative methods to enable this feature. For example, you can configure your WordPress or PrestaShop site to work with HTTPS using plugins.

If you have any tips, tricks, or suggestions that you want to share, we are looking forward to seeing them in the comments!

Total
0
Shares
4.7 3 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Previous Article

How to Start a Blog – A Complete Guide for Beginners (2024)

Next Article

How to Point a Domain Name to Intech Cloud Hosting

Related Posts
Total
0
Share
0
Would love your thoughts, please comment.x
()
x