This is a complete step by step guide to redirect http to https using .htaccess.

Having an HTTPS is critical now a days. It is a symbol of trust. Google Chrome, Firefox, and other popular browser display a warning when a visitor load a website running on HTTP. They mark them as unsecure site.

For an eCommerce store, it is much more vital to load the site on secure socket.

In this post, I will tell you a simple and easy to follow procedure of forcing a redirect HTTP to HTTPS by using .htaccess.

Redirect HTTP to HTTPS using .htaccess

  1. Edit .htaccess file using FTP or cPanel
  2. Redirect HTTP to HTTPS in Apache
  3. Redirect HTTP to HTTPS in Nginx
  4. HTTP redirect to HTTPS in Cloudflare

Edit .htaccess file using FTP or cPanel

Don’t worry if you don’t know how to access the .htaccess file you can take the help from your developer or just follow along, first I will tell you how to edit it.

  • Method #1: Edit the .htaccess file on your computer locally. Upload it to the server via FTP.
  • Method #2: Open the FTP program, and use the Edit function to edit the file remotely.
  • Method #3: Go to cPanel and open the File Manager to edit the .htaccess file. (I have written this method in detail)

Editing .htaccess in cPanel File Manager

Note: Take a backup of your site before messing with the cPanel File Manager.

How to edit .htaccess file in cPanel File Manager:

  1. Open your cPanel account
  2. Click on File Manager from the Files Tab
  3. Find the “Setting” at the top right corner of the page, click on it
  4. Click on the Document Root for (the domain name) and check the Show Hidden Files (image below)
  5. Save to update the File Manager
  6. Find the public_html file and click on it
  7. On the next page, you will find the .htaccess file
  8. Click once on the .htachess file and then click on the “Edit” at the top bar
  9. A warning box will pop up, but click on Edit
  10. On the next page, a code editor will open
  11. Edit the code
  12. Save the file
redirect http to https cpanel

After everything is done, check the site if the changes are made. If anything goes wrong, follow the same procedure to find the .htaccess file and restore the older version.

Now, you know how to edit the .htaccess file, let’s redirect HTTP to HTTPS using the edit .htaccess file method.

Redirect HTTP to HTTPS in Apache

1. Redirect All Web Traffic

Add this code below the existing code in your .htaccess file.

RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$$1 [R,L]

2. Redirect Only a Specific Domain

Add this code to redirect a specific domain to use HTTPS.

RewriteEngine On RewriteCond %{HTTP_HOST} ^yourdomain\.com [NC] RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$$1 [R,L]

3. Redirect Only a Specific Folder

Add this code to redirect a particular folder to use HTTPS.

Services we offer:RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteCond %{REQUEST_URI} folder RewriteRule ^(.*)$$1 [R,L]

Note: At the place of “yourdomain” in the code, add your domain name. Similarly, replace the /folder with your folder name.

HTTP to HTTPS redirect in NGINX

  1. Login to NGINX webserver
  2. Add return 301 https://$server_name$request_uri in server directive.
  3. Save the file.
  4. The last step is to restart your NGINX web server.

Note: Take a backup of nginx.conf or default.conf file

HTTP redirect to HTTPS in Cloudflare

If you are using Cloudflare, then you can perform HTTP redirection easily.

  • Login to Cloudflare
  • Selection your website
  • Go to Crypto tab
  • Scroll down to “Always Use HTTPS section”
  • Make sure it is turned ON

What is SSL?

SSL or Secure Sockets Layer is a standard security protocol that encrypts the connection between the web browser and server.

It protects sensitive information like a credit card, login details, and other user information.

Use of the SSL ensures that the data transferring between the web server and browser remain encrypted. If someone captures the data packages in the middle, the person will not be able to make sense of the data without the keys.

These keys are provided by the SSL certificate.

Hence, the data is secure on HTTPS.

Why do you need SSL for your website?

Secure Transactions: If you are selling something on your blog, then the transactions must happen on HTTPS. Or there is a large risk of stealing of credit card information and various other shopping scams.

Boost SEO: Having an SSL on the site gives boost to SEO. The Google wants web to be a secure place, hence, it gives priority to secure sites.

PCI Compliance: The Payment Card Industry has established rules for the site that enable the online transaction on the site. If you want to enable the credit card on your eCommerce store, then you have to be PCI compliant. Or you will have to pay a hefty penalty.

HTTPS browser trust indicator: The browser displays the Green bar for the site that loads on HTTPS. It gives a trust boost to the site.

Read More: HTTPS vs HTTP

Force Redirect HTTP to HTTPS using htaccess

Wrapping Up

Having an SSL certificate on your site, and loading it over the HTTPS is a necessity if you are running an online business.

In this article, I told you how to force redirect HTTP to HTTPS using htaccess file.

If there is any problem at any steps, leave it in comments.

Posted by Editor