How to Force HTTPS With the .Htaccess File

What is HTTPS?

Https stands for Hyper Text Transfer Protocol Secure. We can force HTTPS with the .htaccess file if you are using Apache or Nginx.

NOTE: You need to install the SSL certificate first to force HTTPS.

Nowadays security is a major factor for commercial websites and blogs. That’s why SSL certificates are important to show that your website is safe to browse and to interact.

Google also made SSL mandatory from 2018. That means google chrome will show a warning on Non-SSL websites.

Benefits of forcing your website to HTTPS

1 – Data Protection

Https securely manages client-server communication. Https encrypts every bit of data transfer between client and server. Which can not be decrypted by any third party or unauthorized person.

2 – Better Search Engine Optimization

From few years google is showing more trust on Https enabled websites. Google also changed its algorithm for website indexing according to Https enabled and disabled websites.

3 – User Trust

Https ensures user trust and make them feel safe while browsing. In modern society, users are concern about their data and privacy protection. With SSL certificate and force HTTPS redirection, we can maintain users trust and feel them secure.

Force HTTPS with the .htaccess

After SSL certificate is installed on your domain you need to force HTTPS with the .htaccess file. Here are some steps to follow.

Step 1 – Create .htaccess file

Create the .htaccess file in the root directory. Or open the existing .htaccess file if you are using CPanel.

Step 2 – Add Force HTTPS Rule

Just add following Rule in the .htaccess file to force HTTPS.

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Leave a Reply

Your email address will not be published. Required fields are marked *