How to Force HTTPS using the .htaccess File

Hosting Expert 2 min read

May 24, 2022 6:57 AM

According to the latest SEO standards and Google’s announcement, you should have an SSL certificate on your site. Sometimes, when you try to add HTTPS to an existing site, it might not work for all pages, and you have to make a redirect.

Many people try to use a plugin and not check if all pages have HTTPS on them. In this tutorial, you will learn how to force HTTPS using the .htaccess file.

Here Are a Few Steps To Follow:

Before you start editing anything, you should have access to your hosting account and its cPanel. A few hosting companies might not provide cPanel. In such a case, you can use FTP.

Step 1).

Step 2).

Look for the File Manager and open it because all the data of a site is stored in it.

How to Force HTTPS using the .htaccess File

Step 3).

From the left-sidebar, click on the public_html directory which is also known as the root directory for a website.

Sometimes, people get confused when they don’t see anything after opening the file manager.

Step 4).

At the top, you will see all folders.

Scroll down and look for the .htaccess file

. Right-click and select “Edit”. A popup will show up for confirmation. Choose “Edit” and continue.

Step 5).

A new tab will open up. You have to add a rewritten code to the file and save it.

Here is the code:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

This code will force redirect all the traffic to the HTTPS version of your site.

How to Force HTTPS For a Specific Domain?

Sometimes, people use multiple domains on a single site by mapping them. In such a case, they try to redirect only the primary domain to the HTTPS version of their site.

Here is the code you have to add:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourdomain1.com [NC]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Please don’t forget to save the changes.

How to Force HTTPS To a Particular Folder?

Many people install a site on a folder or something similar. It can also be something related to serving files from that particular folder through a secure connection.

Here is the required code:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(folder1|folder2|folder3) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

After clicking on the save changes button from the top-right corner of the code editor, your site will start redirecting to HTTPS.

Note: This will work only if you have enabled an SSL certificate from your hosting account or an external source.

Many companies offer free SSL with every site. So, before you buy a hosting plan, it’s always recommended to check if they offer free SSL or charge extra for it. Companies like Bluehost, Siteground, InMotion Hosting, and many others provide you with a free SSL certificate that you can enable for a new or old site.

You need to force HTTP using the .htaccess file only when you created your site with the HTTP version a while ago. If you’re starting a new site, you can use HTTP directly without any redirect. It will also help you prevent from using a plugin.

Conclusion

To have a better SEO score and to compliance with the latest SEO standards, you should always have HTTPS enabled on your site.

If you open a site with HTTP on Google Chrome, it will display a warning message about the site being not secure. This also is a trust factor for most users.

Looking for Top web hosting? Clicking on this link can be the solution.