Last updated on October 10th, 2023 at 03:14 pm

It's as easy as copy/paste with these code snippets.

Work on computer

There are lots of benefits to switching your website from HTTP to HTTPS including better SEO and online reputation. Perhaps you’ve already made the transition to HTTPS. If so, congratulations! But what happens to all those backlinks you’ve built that use HTTP? How do you ensure that people who click those links end up seeing your site over HTTPS instead of HTTP?

The Magic of the .htaccess File

Luckily there’s a simple way to do it via your .htaccess file. If you’re unsure how to find or modify your .htaccess file, check with your website hosting company for their documentation. It’s usually done via FTP or CPanel.

In general, you want your .htaccess file to look at the incoming URL request and rewrite it to HTTPS if it’s not already using it. You’ll use the RewriteEngine to accomplish this. If you’re using a WordPress installation, there will already be some WordPress code in the .htaccess file – ensure that you place the RewriteEngine rules before all of the WordPress code. To enable a redirect to a single site, you can use any of the 3 blocks listed below in .htaccess:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^yourdomain\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.yourdomain\.com$
RewriteRule ^(.*)$$1 [R,L]
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^yourdomain\.com$|^www\.yourdomain\.com$
RewriteRule ^(.*)$$1 [R,L]
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^(www\.)?yourdomain\.com
RewriteRule ^(.*)$$1 [R,L]

You’ll want to replace “yourdomain” with your domain name and the “.com” with your generic top-level domain – usually “.com”, “.net”, or “.org”.

For the most part, all of the rule sets above do the same job. Line 1 enables the RewriteEngine and line 2 checks the port (80 for http, 443 for https). The final line rewrites the URL with https://. The line or lines in between the first 2 and the last verify whether a domain name in the initial request is with or without “www.” alias.

Check With Your Hosting Company

Your web hosting company may have different guidelines for modifying the .htaccess file. The company we use already has a “www” alias rewrite built into their servers so their recommendations don’t include that portion of the modification since it’s not needed. Although leaving it won’t hurt, there’s no point in forcing every request to process that extra line.

Sharif Jameel is a business owner, IT professional, runner, & musician. His professional certifications include CASP, Sec+, Net+, MCSA, & ITIL and others. He’s also the guitar player for the Baltimore-based cover bands, Liquifaction and Minority Report.

2 thoughts on “Forcing HTTPS Using .htaccess Modifications”

  1. Pingback: WordPress Security: Protecting Your Site from Hackers - Website Design Baltimore | SEO Baltimore | CGS Computers

  2. Pingback: 3 Ways Your Web Host Could Be Damaging Your SEO - Website Design Baltimore | SEO Baltimore | CGS Computers

Leave a Comment

Your email address will not be published. Required fields are marked *

Subscribe to Our Mailing List

If you found the information in this post helpful, we'd love to have you join our mailing list. We promise we won't spam you, we only send out emails once a month or less.

You May Also Like:

This site requires the use of cookies to ensure you get the best experience.

Scroll to Top
Available for Amazon Prime