force SSL using .htaccess file

Security has become one of the most important concerns on the Web. Very often we skip visiting a Web Page just because it doesn’t have a SSL. And most of the internet users do not share any of their credentials like email address with the Websites without a SSL. If you do not have a clear concept of SSL you may visit our Knowledgebase Article What is a SSL? Here we’re going to show you ‘How to force SSL using .htaccess’

Step by step guide on How to force SSL using .htaccess:

To force all your visitors using SSL(Browse over https://) simply insert the following line of code in the .htaccess file located in your Website’s root directory.

Important Note: Do you have existing code in your .htacess file, add these above where there are already rules with similar prefix.

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

Be sure to replace www.yourdomain.com with your actual domain name.

To force a specific domain to use HTTPS, use the following lines of code in the .htaccess file in your website’s root folder:

RewriteEngine On 
RewriteCond %{HTTP_HOST} ^yourdomain\.com [NC]
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

Don’t forget to replace yourdomain\.com with the domain name that you’re trying force to use SSL. Additionally, you must have to replace www.yourdomain.com with your domain name.

Want to force SSL on a specific folder? Then you should insert these lines of code below into a .htaccess file placed in that specific folder:

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} folder 
RewriteRule ^(.*)$ https://www.yourdomain.com/folder/$1 [R,L]

Make sure you change the folder reference to the actual folder name you want to send traffic. Don’t forget to replace www.yourdomain.com/folder with your actual domain name and folder you want to force the SSL on.

  • Was this article Helpful ?
  • yes   no

Leave a Reply