News:

Go to HostNed.com
Welcome.  This is a place to get user-to-user support, learn more, and share ideas.  If you can't find your answers here, feel free to ask by creating a new topic or visit the support ticket system at https://my.hostned.com :)  Have fun here!

Main Menu

Force HTTPS Connections

Started by Dynaweb, May 08, 2022, 08:18:38 AM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Dynaweb

Forcing HTTPS on All Website Traffic

HTTPS is the new standard in secure online connections for web pages. It ensures that connections are not being intercepted and instills confidence for your visitors.

When you enable HTTPS on your web site using an installed SSL certificate, you may still be able to load your pages using the traditional non-HTTPS connections, so to get things as secure as possible, it is recommended to enable https:// connections all the time. It is a good idea to enable this unless there is something that will not work in https mode for some reason. cPanel calls this "Force HTTPS redirect. You can find that setting under DOMAINS in your cPanel area. This is available for your main domain name only, so to force HTTPS connections on your subdomains and/or add-on domains, you can do that by adding some code to your .htaccess file.

Here is how to use the .htaccess file to force HTTPS redirects:

Go to File Manager in cPanel (or Plesk) and find .htaccess inside the public_html folder. Be sure to make a backup copy first just in case something goes wrong. If you can't find it, make sure to unhide hidden files in the settings.
Scroll down to find RewriteEngine On and insert the following lines of code below it:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Save the changes.
Important! Make sure that the line RewriteEngine On is not repeated twice. In case the line already exists, simply copy the rest of the code without it.

Force HTTPS on a Specific Domain Only
Let's say that you have two domains: http://yourdomain1.com and http://yourdomain2.com. Both domains access the same website, but you only want the first one to be redirected to the HTTPS version. In this case, you need to use the following code:


RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourdomain1.com [NC]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Make sure to replace yourdomain1 with the actual domain you're trying to force HTTPS on.

Forcing HTTPS on a Specific Folder
The .htaccess file can also be used to force HTTPS on specific folders only. However, the .htaccess file should be placed inside the folder that will have the HTTPS connection.


RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(folder1|folder2|folder3) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

After making the changes, clear your browser's cache and try to connect to your site via HTTP. If everything was added correctly, the browser will automatically redirect you to the HTTPS version.

Even though your connections are now being automatically redirected to HTTPS. you may want to update your links in your website code to the new updated https:// address for best practice.