You need to force HTTPS using htaccess on your website. As a website developer or owner, it's important to have your website secure at all times and SSL is a good way to ensure your visitors will trust your site.
One thing you must not allow is having browsers like Chrome and Firefox to be showing insecure warnings on sites withoutย SSL certificates. Without SSL, your website will show insecure to visitors.
Therefore, using an SSL-encrypted connection for safety, accessibility, or PCI compliance reasons is necessary. It becomes very important to redirect from HTTP to HTTPS.
READ ALSO: How To Launch Your Ownย Personal Website in Minutes [The Easy Way & The DIY Way]
How To Redirect HTTP to HTTPS using .htaccess [Force HTTPS Using htaccess]
There are three (3) ways to force HTTP to HTTPS redirect and I'll explain each method/option below.
Option 1. Forcing HTTPS on All Traffic
One of the many functions you can perform viaย .htaccessย is the 301 redirects, which permanently redirects an old URL to a new one. You can activate the feature to force HTTPS on all incoming traffic by following these steps:
Step 1. Go toย File Managerย in your hosting panel and openย .htaccessย inside theย public_htmlย folder. If you can't locate it, make sure toย create or unhide it.
Step 2. Scroll down to findย RewriteEngine Onย and insert the following lines of code below it:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}
[L,R=301] Saveย the changes.
Important!ย Make sure that the lineย RewriteEngine Onย is not repeated twice. In case the line already exists, simply copy the rest of the code without it.
READ ALSO: How To Setup Rapyd Payment Gateway on Your Website
Option 2. Forcing HTTPS on a Specific Domain
Let's say that you have two domains:ย http://yourdomain1.comย andย http://yourdomain2.com.ย Both domains access the same website, but you only want the first one to be redirected to the HTTPS version. In this case, you need to use the following code:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourdomain1.com [NC]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] Make sure to replaceย yourdomain1ย with the actual domain you're trying to force HTTPS on.
Option 3. Forcing HTTPS on a Specific Folder
Theย .htaccessย file can also be used to force HTTPS on specific folders.
However, the file should be placed in the folder that will have the HTTPS connection.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(folder1|folder2|folder3) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] Make sure to change theย folderย references to the actual directory names.
After making the changes, clear your browser's cache and try to connect to your site via HTTP. If everything was added correctly, the browser will redirect you to the HTTPS version.
READ ALSO: Rank Math SEO Solutions โ The Holy Grail Of Website Ranking and SEO Mastery
FAQs on htaccess Redirect
READ ALSO: Detailed Guide On How To Design A Professional Website and Blog For Your Business
Conclusion
There you have it, โhow to force HTTPS using htaccess'. Now, you have successfully edited yourย .htaccess fileย and redirected all HTTP traffic to HTTPS, the safe version of your website.
Depending on the platform where you developed your website, there could be alternative methods to enable this feature. For example, you can configure your WordPress or PrestaShop site to work with HTTPS using plugins.
bina says
Your point of view caught my eye and was very interesting. Thanks. I have a question for you.