How to Force HTTPS via htaccess

As you may know, modern web browsers nowadays will display a prominent warning if the user is connecting to a non-secure website.

Moreover, this warning will still be shown even if the webpage is secured with valid SSL and HTTPS, but some content is being served via HTTP. 

To fix these issues, and to redirect all requests to your website to be served via HTTPS, you can simply put the code illustrated below in the .htaccess file in the root folder of your domain.

The .htaccess file lives in the root of your website's directory, but you can also put it in a subdirectory, wherein this case, all links under this subdirectory will follow that .htaccess file rules.

The .htaccess file is also a hidden file by default, so first, you need to make sure hidden files are visible in the files list.

How to unhide the .htaccess file:

From cPanel File Manager, edit the settings to show hidden files:

Note:

if you can't see the .htaccess file after making hidden files visible, it means it does not exist, so simply just create it following these steps (make sure to name it exactly as in the picture, with the dot before it, just like this: .htaccess

After making the .htaccess file visible or creating it, click the right mouse button and choose Edit from the menu to open it with the editor:

Now place this code at the top of the file:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Of course, first of all, and before you redirect traffic to HTTPS, you need to make sure you have a valid and trusted SSL certificate already installed on the domain you will be redirecting to HTTPS (if you ordered a shared or business plan from us, then you should have an SSL automatically installed on your domain, shortly after it is pointed to our name servers).

Was this answer helpful? 5 Users Found This Useful (6 Votes)