Chrome and Firefox have started showing insecure warnings on sites without SSL certificates. Without SSL, your website will show insecure to the visitors. Therefore, using an SSL-encrypted connection for safety, accessibility or PCI compliance reasons is necessary. It becomes very important to redirect from HTTP to HTTPS.
What is SSL?
SSL (Secure Sockets Layer) is a standard security protocol for establishing encrypted links between a web server and a browser in an online communication.
The usage of SSL technology ensures that all data transmitted between the web server and browser remains encrypted.
An SSL certificate is necessary to create SSL connection. You would need to give all details about the identity of your website and your company as and when you choose to activate SSL on your web server. Following this, two cryptographic keys are created — a Private Key and a Public Key.
In order to force your web traffic to use HTTPS, edit the codes in the .htaccess file.
Before we move onto redirecting HTTP to HTTPS, here’s how you can edit .htaccess file. If you already know skip to Redirection steps.
Editing .htaccess File
There are instructions/directives in the .htaccess file that tell the server how to act in certain scenarios and directly affects how your website functions. Common directives in .htaccess file:
- Redirects
- Rewriting URLs
Ways to edit an .htaccess file:
- Edit the file on your computer and upload it to the server using FTP.
- Use “Edit” mode in FTP program that allows you to edit a file remotely.
- Use a text editor and SSH to edit the file.
- Use the File Manager in cPanel to edit the file.
Editing .htaccess in cPanel File Manager
Note: Backup your website in case something goes wrong.
- Login to cPanel
- Files > File Manager > Document Root for:
- Now select the domain name you want to access
- Check “Show Hidden Files (dotfiles)”
- Click “Go”
- After a new tab or window opens, look for the .htaccess file.
- Right click on the .htaccess file and click on “Code Edit” on the menu.
- A dialogue box may pop up asking about encoding. Click “Edit” button to continue.
- Edit the file
- “Save Changes” when done.
- Test your website to make sure it is done correctly. In case, there is an error, restore to the previous version and try again.
- Once you are done, click “Close” to close the window.
Redirecting HTTP to HTTPS
1. Redirect All Web Traffic
If you have existing code in your .htaccess, add the following:
1 2 3 |
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L] |
2. Redirect Only a Specific Domain
For redirecting a specific domain to use HTTPS, add the following:
1 2 3 4 |
RewriteEngine On RewriteCond %{HTTP_HOST} ^yourdomain\.com [NC] RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L] |
3. Redirect Only a Specific Folder
Redirecting to HTTPS on a specific folder, add the following:
1 2 3 4 |
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteCond %{REQUEST_URI} folder RewriteRule ^(.*)$ https://www.yourdomain.com/folder/$1 [R,L] |
Note: Replace “yourdomain”
with your actual domain name wherever required. Also, in case of the folder, replace /folder
with the actual folder name.
Think it was helpful? Share this article to help others come on HTTPS.