Home Web Hosting The way to Drive HTTPS utilizing .htaccess?

The way to Drive HTTPS utilizing .htaccess?

by rigotechnology

HTTPS is a safety customary that protects delicate data because it travels out of your pc to the server. It’s essential so that you can drive HTTPS in your web site as a result of it prevents hackers from intercepting and studying non-public knowledge, resembling passwords or bank card numbers.

On this weblog put up, we’ll present you drive HTTPS utilizing .htaccess information! By the tip, you’ll discover ways to drive guests to make use of SSL and redirect all site visitors from insecure requests.

The way to Drive HTTPS utilizing .htaccess?

Let’s divide this reply into 4 sections. This may mean you can discover the most effective strategies in your particular wants.

Drive HTTPS for Each Kind of Visitors

If you wish to drive all site visitors in your web site to make use of a safe connection, you may arrange 301 redirects in your .htaccess file. Right here’s drive HTTPS:

  • To edit the internet hosting panel’s .htaccess file, find File Supervisor in your web site and open it up inside public_html
  • Find RewriteEngine On after which add:
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
  • Don’t overlook to avoid wasting

It’s essential that you simply be sure that the road: RewriteEngine On, isn’t repeated twice. If it already exists simply copy all the pieces else with out this half in case there’s any mistake!

Forcing HTTPS on Secondary Domains

Redirecting your second area to HTTPS is straightforward with this one piece of code:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourdomain2.com [NC]

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Within the above code, all the time change “yourdomain2.com” to your area’s precise title. That is simply an instance.

Utilizing the above code will make sure that any site visitors going to yourdomain.com shall be redirected to the safe model of your web site, which is recognized by the ‘s’ within the URL.

Forcing HTTPS on Folders

The .htaccess file is a vital a part of your web site that you should utilize to drive HTTPS on any folder you want, however it ought to solely ever be present in one location with this enabled.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(folder1|folder2|folder3) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Clear your browser’s cache and see should you can connect with our web site by way of HTTP. If that labored, congratulations! You now have entry to the safe HTTPS model of this web page.

Forcing HTTPS On WordPress

It’s doable to enter in a direct HTTP URL in your WordPress web site even when you’ve got an SSL certificates. To drive this to occur, alter your WordPress .htaccess file with the next line of code:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
Header all the time set Content material-Safety-Coverage "upgrade-insecure-requests;"

Doing it will drive WordPress to solely load pages by way of a safe connection, even when the person varieties in an insecure URL

What Is HTTPS?

HTTPS is a safety customary that protects delicate data because it travels out of your pc to the server. It stands for HyperText Switch Protocol Safe and is used to guard data resembling passwords or bank card numbers.

It encrypts all knowledge despatched between your pc and the web site utilizing SSL/ TLS encryption. This makes it tough for hackers to learn any transmitted data, resembling passwords, telephone numbers, and so on., as a result of they gained’t have the ability to break the code.


Generally issues don’t go based on plan. To ensure your modifications are legit, attempt clearing the cache of your browser(s). If you happen to’re nonetheless unable to drive HTTPS, then think about the next:


Your .htaccess file should have no redirects to a different model of your URL. If that’s the case, and should you’re utilizing Cloudflare, the “too many redirects error” will seem in your browser.


WordPress is usually the reason for this situation, because it requires your URLs to both have an ‘www’ or not. Speak to your host to ensure your web site is utilizing the proper format.

Why Is HTTPS Vital?

The significance of getting an internet site that makes use of an encrypted connection is to forestall hackers from intercepting and studying non-public knowledge. An unsecured web site makes it straightforward for anybody on the identical community as you or another particular person who can view your site visitors, to study what data you’re sending over the online.

Additionally, individuals don’t belief web sites that use unsecured connections as a result of the data is just not non-public. For instance, should you have been to fill out a type on an unsecured connection then this knowledge could be seen for others who’re linked to the identical community as you.

Actually, seeing HTTP as a substitute of the inexperienced padlock within the browser’s deal with bar could be a signal that your knowledge is just not being protected accurately. This might result in prospects dropping belief in your web site and leaving, which may have a unfavourable affect on your corporation.

In case your web site makes use of SSL certificates and forces customers onto safe pages, guests will really feel extra comfy getting into their private data in your web site. It’s because the person will know that their knowledge is encrypted and can’t be considered by different people who could also be snooping round on the identical community.


In conclusion, you should utilize the .htaccess file to drive all site visitors in your web site to make use of a safe connection. This may assist to forestall hackers from intercepting and studying non-public knowledge, resembling passwords or bank card numbers.

Utilizing a web site with out an encrypted connection may have unfavourable impacts on your corporation as a result of lack of belief from prospects. For this reason utilizing SSL certificates and forcing customers onto safe pages could be extraordinarily useful for any web site seeking to defend delicate data resembling private knowledge.

If none of those steps work, then contact your host to see in the event that they may help with this situation. Most good net hosts will have the ability to assist get your web site onto a safe web page.

We hope that this text helped you perceive drive your web site to make use of a safe connection. If in case you have any questions or considerations, please don’t hesitate to achieve out to us! We’d be pleased to assist.


You may also like

Platform Slot Gacor CMS Checker