How to Redirect HTTP to HTTPs in htaccess?

Did you know that Google Chrome and Firefox are now displaying insecure warnings on sites lacking SSL certificates? Without SSL, your website will appear as "unsecure" to visitors. As a result, utilizing an SSL-encrypted connection is essential for security, accessibility, or PCI compliance. It’s critical to move from HTTP to HTTPS for the redirect to be effective.

Before we proceed, let’s first understand SSL.

What is SSL?

The Secure Sockets Layer (SSL) standard security protocol for connecting a web server to a browser in internet communication is often known as SSL.

Any data that passes between the browser and web server is secured by SSL technology.

To establish an SSL connection, you’ll need an SSL certificate. When you enable SSL on your web server, you must provide all information about the identity of your website and your business and any other relevant information. Following this, two cryptographic keys are generated: a Private Key and a Public Key.

In 2018, Google Made SSL Mandatory

At the beginning of 2018, Google will mark websites that do not have an SSL/TLS Certificate installed to provide a safer online surfing experience.

If a website owner does not follow this rule, popular browsers like Google Chrome and Firefox Mozilla will display a warning notice on the URL bar stating “Not Secure.”

SSL is required by law, so any personal or commercial website must have it. It’s not something a website owner wants to deal with if you don’t follow through with your end of the bargain.

Why is SSL critical to your website?

SSL Protects Data

An SSL-enabled website encrypts all the data transferred between your computer and the website’s server so that no one can read it, which helps protect your data from being stolen or hacked.

SSL Builds Trust

When visiting a website that uses SSL, your browser will display a padlock icon in the address bar. It indicates that the website uses a secure connection and that your data is being encrypted- this builds trust with your visitors, as they know that their information is safe when entering it into your website.

SSL Improves Search Engine Ranking

Google has confirmed that SSL is now a ranking factor for websites- this means that if you have an SSL certificate installed on your website, your site will rank higher in search engine results pages (SERPs) than websites that do not have SSL.

SSL Affirms Your Identity

If you are a business owner, having an SSL certificate installed on your website is essential for two reasons: first, it confirms to your customers that your website is legitimate, and second, it helps to protect them from fraudulent websites.

SSL Helps Satisfy PCI/DSS Requirements

If you want to take online payments, you need to be aware of PCI/DSS standards. Your website must satisfy PCI requirements to receive online payments. The payment card industry (PCI) has established a list of 12 key standards, one of which is having an SSL certificate installed.

As a result, SSL is critical whether you want it or not.

Before we proceed to redirect HTTP to HTTPS, here’s how you can modify the file. If you already know how to do it, skip down to Redirecting Steps.

How to edit the .htaccess file?

The instructions or directives in the .htaccess file tell the server how to respond in certain situations. And one of these is how to redirect traffic from HTTP to HTTPS.

The common directives in the .htaccess file are Redirects and Rewriting URLs.

To add the necessary directives to your .htaccess file, you’ll need to use a text editor such as Notepad or TextEdit on a Mac to access it.

The File Manager may be used with cPanel, although not all web hosts support it. After you’ve opened the file, add the following code:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}

Save all changes and close the file.

How to test your redirect?

You may test whether a redirect is functioning by opening a web browser and entering http:// in the address bar.

What are the ways to edit an .htaccess file?

• Upload the file to your server using FTP after making any necessary changes on your computer.
• Change the file’s mode to “Edit” in your FTP software, which allows you to edit a file remotely.
• Use the text editor and SSH to edit the file.
• Use the File Manager (cPanel) to edit the file.

How to edit .htaccess in the cPanel File Manager?

Please note that it is critical to backup your website if something goes wrong.

• Login to cPanel
• Go to Files, then File Manager, and then Document Root for:
• Select the domain that you wish to access
• Check 'Show Hidden Files (dotfiles)'
• Click ‘Go’
• Look for the .htaccess file when a new tab opens.
• Right-click on the .htaccess file
• On the menu, click on 'Code Edit'
• When a dialogue box pops up asking about encoding, click the 'Edit' button to continue.
• Edit the file
• 'Save Changes'

Test your website to ensure that it is up and running correctly. If there is an error, return to the previous version. Try once more. Once done, click ‘Close’

Now that you understand SSL, let’s see how to redirect HTTP to HTTPs in htaccess.

You can use three methods to redirect HTTP to HTTPS in htaccess.

Method 1: Redirect all traffic from HTTP to HTTPS

Code in your htaccess file:
RewriteEngineOn
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Method 2: Redirect traffic from a specific domain to HTTPS

Code in your htaccess file:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1

Method 3: Redirect traffic from a specific URL to HTTPS

Code in your htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.example.com/%1

If you use a CMS like WordPress, Joomla or Drupal, you can use a plugin to redirect HTTP to HTTPS. There are many plugins available for different CMSs that can help you to redirect HTTP to HTTPS.

Endnote

Redirecting from HTTP to HTTPS is necessary to safeguard your website and its users from data theft and other security risks. You can quickly accomplish this in the htaccess file using the techniques described above.