This article was contributed by Dustin Cisneros at RackNerd, a web hosting and infrastructure as a service provider which was recently voted #1 by the LowEndTalk community! If you are looking for a Linux VPS, Ryzen VPS, Windows VPS, or shared and reseller hosting services, be sure to take a look at RackNerd’s latest special offers here.
Currently, most of the websites today run through SSL. Once you have installed the SSL certificate, proceed with the configuration of the application to serve all the web traffic over HTTPS. HTTP adds encryption to communication that occurs between a server and the client. HTTPS does this by using TLS/SSL. This encryption option isn’t possible with HTTP. There are several other points that make HTTPS stand out compared to HTTP:
- It is said that ranking system of search engines prefers HTTPS, so if you use it, there are more chances for your site to rank higher:
- Most of the commonly used browsers mark the websites that use HTTPS as safe.
- The information going from both server to client or client to server is encrypted, hence, greater security is provided.
Let’s see how we can force all web traffic to HTTPS from HTTP using .htaccess
How to redirect HTTP to HTTPS via .htaccess
The .htaccess is basically a configuration file that is used on Apache’s server. The dot in front represents that the file cannot be viewed, as it is hidden by default. .htaccess file defines how Apaches serve the files from the directory. .htaccess is usually placed in the domain root directory but the subdirectories can contain other .htaccess as well
SSH or FTP can be used to either create a new file or edit the .htaccess file.
Now for redirecting to HTTPS as discussed before, the code below should be used:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]Let us discuss one by one what the above codes represent
RewriteEngine On
The code above makes it possible to rewrite the rules
RewriteCond %{HTTPS} offThe code above is used to find out whether the connection is of HTTP request type or not and if it is then the next command is executed
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]This rule is able to rewrite http://example.com/about to http://example.com/about or http://www.example.com/about to https://www.example.com/about
Once these lines are added you should save your file and check after refreshing, this step will lead to all HTTP files being redirected to HTTPS
There are other rules for redirecting HTTP to HTTPS for example:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]REQUEST_URI Page is accessed by using this URI
HTTP_HOST Represents the hostname that is requested when visitor accesses the site.
Redirecting non-WWW to WWW and HTTP to HTTPS
As we know, either WWW or non WWW Url is used for accessing any site. The lines below can be added to .htaccess to achieve the redirection above:
RewriteEngine On RewriteCond %{HTTPS} off [OR] RewriteCond %{HTTP_HOST} ^www\.example\.com [NC] RewriteRule ^(.*)$ https://example.com/$1 [L,R=301]
Two conditions should be fulfilled in order to make it possible to redirect:
- If the request starts with WWW or not.
- Connection should not be HTTPS
Even one of the conditions is enough to execute the rewrite rule.
Redirecting non-WWW to WWW and HTTP to HTTPS
Run the code :
RewriteEngine On RewriteCond %{HTTPS} off [OR] RewriteCond %{HTTP_HOST} ^example\.com [NC] RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
If you have any questions or feedback, we would love to hear it in the comments section below! We hope you found this tutorial on how to redirect your website to HTTPS helpful.
Related Posts:
I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.
I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308
- Crunchbits Discontinuing Popular Annual Plans – The Community Mourns! - November 20, 2024
- RackNerd’s Black Friday 2024: Bigger, Better, and Now in Dublin! - November 19, 2024
- It’s the Season of Giving and CharityHost Has Deals for You! - November 18, 2024
It seemed difficult to do, but I did it thanks to this detailed and specific guide. Thank you very much for this useful sharing.
Hi drift boss, awesome to hear! Happy to see you were able to accomplish this. Good work!
If you have any content ideas, we’re happy to contribute more. Just let us know here :)
I’m not sure this is the most effective way, as it needs to read top server directory. IMHO, using “Redirect permanent” in “VirtualHost” declaration is much faster.
Generally, I’d recommend using .htaccess only in cases where VirtualHost user wants to do it on his own, and change it from time to time…
Hi Rhinox, Thanks for the feedback – that’s certainly another approach to doing it as well.
This particular method is also useful for those who are within shared hosting environments whereby the user does not receive escalated SSH privileges.
Your article is very good and useful, thank you for sharing, bk8 hopes that next time you will have more good articles to send to all readers.