This article was contributed by Dustin Cisneros at RackNerd, a web hosting and infrastructure as a service provider which was recently voted #1 by the LowEndTalk community! If you are looking for a Linux VPS, Ryzen VPS, Windows VPS, or shared and reseller hosting services, be sure to take a look at RackNerd’s latest special offers here.
Currently, most of the websites today run through SSL. Once you have installed the SSL certificate, proceed with the configuration of the application to serve all the web traffic over HTTPS. HTTP adds encryption to communication that occurs between a server and the client. HTTPS does this by using TLS/SSL. This encryption option isn’t possible with HTTP. There are several other points that make HTTPS stand out compared to HTTP:
- It is said that ranking system of search engines prefers HTTPS, so if you use it, there are more chances for your site to rank higher:
- Most of the commonly used browsers mark the websites that use HTTPS as safe.
- The information going from both server to client or client to server is encrypted, hence, greater security is provided.
Let’s see how we can force all web traffic to HTTPS from HTTP using .htaccess
How to redirect HTTP to HTTPS via .htaccess
The .htaccess is basically a configuration file that is used on Apache’s server. The dot in front represents that the file cannot be viewed, as it is hidden by default. .htaccess file defines how Apaches serve the files from the directory. .htaccess is usually placed in the domain root directory but the subdirectories can contain other .htaccess as well
SSH or FTP can be used to either create a new file or edit the .htaccess file.
Now for redirecting to HTTPS as discussed before, the code below should be used:
RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Let us discuss one by one what the above codes represent
RewriteEngine On
The code above makes it possible to rewrite the rules
RewriteCond %{HTTPS} off
The code above is used to find out whether the connection is of HTTP request type or not and if it is then the next command is executed
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
This rule is able to rewrite http://example.com/about to http://example.com/about or http://www.example.com/about to https://www.example.com/about
Once these lines are added you should save your file and check after refreshing, this step will lead to all HTTP files being redirected to HTTPS
There are other rules for redirecting HTTP to HTTPS for example:
RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
REQUEST_URI Page is accessed by using this URI
HTTP_HOST Represents the hostname that is requested when visitor accesses the site.
Redirecting non-WWW to WWW and HTTP to HTTPS
As we know, either WWW or non WWW Url is used for accessing any site. The lines below can be added to .htaccess to achieve the redirection above:
RewriteEngine On RewriteCond %{HTTPS} off [OR] RewriteCond %{HTTP_HOST} ^www\.example\.com [NC] RewriteRule ^(.*)$ https://example.com/$1 [L,R=301]
Two conditions should be fulfilled in order to make it possible to redirect:
- If the request starts with WWW or not.
- Connection should not be HTTPS
Even one of the conditions is enough to execute the rewrite rule.
Redirecting non-WWW to WWW and HTTP to HTTPS
Run the code :
RewriteEngine On RewriteCond %{HTTPS} off [OR] RewriteCond %{HTTP_HOST} ^example\.com [NC] RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
If you have any questions or feedback, we would love to hear it in the comments section below! We hope you found this tutorial on how to redirect your website to HTTPS helpful.
Related Posts:
- Silicom Network’s Lifetime Deals Are Back!Get Started for $9 ONCE in Many Cities Around the World - December 13, 2024
- Hetzner Terminates Kiwix With Extreme Prejudice – What Do You Think? - December 11, 2024
- Die Hard is the Greatest Christmas Movie Ever!Learn a Little Computer Trivia from the Film and Get Bonus Entries in RackNerd’s Holiday Giveaway! - December 10, 2024
It seemed difficult to do, but I did it thanks to this detailed and specific guide. Thank you very much for this useful sharing.
Hi drift boss, awesome to hear! Happy to see you were able to accomplish this. Good work!
If you have any content ideas, we’re happy to contribute more. Just let us know here :)
I’m not sure this is the most effective way, as it needs to read top server directory. IMHO, using “Redirect permanent” in “VirtualHost” declaration is much faster.
Generally, I’d recommend using .htaccess only in cases where VirtualHost user wants to do it on his own, and change it from time to time…
Hi Rhinox, Thanks for the feedback – that’s certainly another approach to doing it as well.
This particular method is also useful for those who are within shared hosting environments whereby the user does not receive escalated SSH privileges.
Your article is very good and useful, thank you for sharing, bk8 hopes that next time you will have more good articles to send to all readers.