How to Force HTTPS With the .HTACCESS File

HTTPS is a standard encryption protocol between client and server. Even more, HTTPS ensures security between client and server.

What is HTTPS?

HTTPS stands for HyperText Transfer Protocol Secure. We can force HTTPS with the .htaccess file if you are using Apache or Nginx.

NOTE: You need to install the SSL certificate first to force HTTPS.

Nowadays, security is a major factor for commercial websites and blogs. That’s why SSL certificates are important to show that your website is safe to browse and interact with.

Benefits of forcing your website to HTTPS

Google also made SSL mandatory from 2018. That means google chrome will show a warning on Non-SSL websites. There are also other benefits according to various criteria as mentioned below.

Data Protection

Https securely manages client-server communication. HTTPS encrypts every bit of data transfer between client and server, which can not be decrypted by any third party or unauthorized person.

Better Search Engine Optimization

For a few years, Google is showing more trust in Https-enabled websites. Google also changed its algorithm for website indexing, according to HTTP enabled and disabled websites.

User Trust

Https ensures user trust and makes them feel safe while browsing. In modern society, users are concern about their data and privacy protection. With an SSL certificate and force HTTPS redirection, we can maintain users’ trust and feel them secure.

Force HTTPS with the .htaccess

After a successful installation of an SSL certificate, we can force HTTPS with the .htaccess file. Here are some steps to follow.

Step 1 – Create .htaccess file

Create the .htaccess file in the root directory. Or open the existing .htaccess file if you are using CPanel.

Step 2 – Add Force HTTPS Rule

Just add the following Rule in the .htaccess file to force HTTPS.

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Read More: How to Force Image Download in PHP From a Link


Here, we used the .HTACCESS redirection to force HTTPS. I hope now you can secure your website by forcing HTTP to HTTPS protocol.

Enjoy Programming πŸ™‚

Leave a Reply

Your email address will not be published. Required fields are marked *