htaccess http file modification

Forcing HTTPS Using .htaccess Modifications





There are lots of benefits to switching your website from HTTP to HTTPS including better SEO and online reputation. Perhaps you’ve already made the transition to HTTPS. If so, congratulations! But what happens to all those backlinks you’ve built that use HTTP? How do you ensure that people who click those links end up seeing your site over HTTPS instead of HTTP?

The Magic of the .htaccess File

Luckily there’s a simple way to do it via your .htaccess file. If you’re unsure how to find or modify your .htaccess file, check with your website hosting company for their documentation. It’s usually done via FTP or CPanel.




In general, you want your .htaccess file to look at the incoming url request and rewrite it to HTTPS if it’s not already using it. You’ll use the RewriteEngine for accomplish this. If you’re using a WordPress installation, there will already be some WordPress code in the .htaccess file – ensure that you place the RewriteEngine rules before all of the WordPress code. To enable a redirect for a single site, you can use any of the 3 blocks listed below in .htaccess:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^yourdomain\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.yourdomain\.com$
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]


RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^yourdomain\.com$|^www\.yourdomain\.com$
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]


RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^(www\.)?yourdomain\.com
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

You’ll want to replace “yourdomain” with your domain name and the “.com” with your generic top level domain – usually “.com”, “.net”, or “.org”.

For the most part, all of the rule sets above do the same job. Line 1 enables the RewriteEngine and line 2 checks the port (80 for http, 443 for https). The final line rewrites the URL with https://. The line or lines in between the first 2 and the last verify whether a domain name in the initial request is with or without “www.” alias.



Check With Your Hosting Company

Your web hosting company may have different guidelines for modifying the .htaccess file. The company we use, InMotionHosting, already has a “www” alias rewrite built into their servers so their recommendations don’t include that portion of the modification since it’s not needed. Although leaving it won’t hurt, there’s no point in forcing every request to process that extra line.



You May Also Like:

Follow Me

Sharif Jameel

Owner/CEO at CGS Computers
Sharif Jameel is a business owner, IT professional, runner, & musician. His professional certifications include CASP, Sec+, Net+, MCSA, & ITIL and others. He's also the guitar player for the Baltimore-based cover band, Liquifaction.
Follow Me

Leave a Reply