Step-by-Step Guide: Redirecting HTTP to HTTPS Using .htaccess

Chrome and Firefox now display insecure warnings for websites lacking SSL certificates. If your website lacks SSL, it will be labeled as insecure to visitors. Consequently, it is crucial to employ an SSL-encrypted connection for reasons related to safety, accessibility, or PCI compliance. Redirecting from HTTP to HTTPS becomes exceptionally important in this regard.

What is SSL?

SSL (Secure Sockets Layer) is a widely used security protocol that establishes encrypted connections between web servers and browsers during online communication.

SSL technology ensures that all data exchanged between the web server and browser remains encrypted and protected.

To enable SSL, you need an SSL certificate that requires providing details about your website’s identity and your company. This process generates two cryptographic keys: a Private Key and a Public Key.

If you wish to enforce HTTPS for your web traffic, you can achieve it by modifying the codes in the .htaccess file.

Before we delve into the steps for redirecting HTTP to HTTPS, let’s quickly review how you can edit the .htaccess file. If you are already familiar with this process, you can skip ahead to the redirection steps.

Editing .htaccess File

The .htaccess file contains instructions or directives that dictate the behavior of the server and directly impact the functioning of your website. It includes common directives such as redirects and URL rewriting.

Here are different methods to edit an .htaccess file:

  1. Edit the file on your computer and then upload it to the server using FTP (File Transfer Protocol).
  2. Utilize the “Edit” mode within your FTP program, which enables remote editing of files.
  3. Make use of a text editor and SSH (Secure Shell) to modify the .htaccess file directly on the server.
  4. Access the File Manager in cPanel, a web-based control panel, to edit the .htaccess file through its built-in editor.

To edit the .htaccess file using cPanel File Manager, please follow these steps:

  1. Before making any changes, it’s important to back up your website as a precautionary measure.
  2. Login to your cPanel account.
  3. Navigate to the “Files” section and click on “File Manager.”
  4. Select the “Document Root for” option and choose the desired domain name from the dropdown menu.
  5. Ensure that the option “Show Hidden Files (dotfiles)” is checked.
  6. Click on the “Go” button.
  7. A new tab or window will open, displaying the contents of the selected domain’s root directory. Look for the .htaccess file within this list.
  8. Right-click on the .htaccess file and select “Code Edit” from the menu that appears.
  9. A dialogue box might appear, asking about encoding. Click on the “Edit” button to proceed.
  10. Make the necessary edits to the .htaccess file.
  11. Once you’ve finished editing, click on the “Save Changes” button.
  12. It’s essential to test your website to ensure that the changes were implemented correctly. If you encounter any errors, revert to the previous version of the file and attempt the modifications again.
  13. Finally, click on “Close” to close the editing window and complete the process.

Redirecting HTTP to HTTPS

1. Redirect All Web Traffic

If you already have existing code in your .htaccess file, add the following:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$$1 [R,L]

2. Redirect Only a Specific Domain

For redirecting a specific domain to use HTTPS, add the following:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourdomain\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$$1 [R,L]

3. Redirect Only a Specific Folder

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} folder
RewriteRule ^(.*)$$1 [R,L] Please make sure to substitute "yourdomain" with your actual domain name wherever necessary. Additionally, if you are working with a specific folder, replace "/folder" with the corresponding folder name.