How to Redirect HTTP to HTTPS Using .htaccess (SSL)


New member
Chrome and Firefox have started showing insecure warnings on sites without SSL certificates. Without SSL, your website will appear insecure to visitors. Therefore, using an SSL-encrypted connection for safety, accessibility, or PCI compliance reasons is necessary. It’s crucial to redirect from HTTP to HTTPS.

What is SSL?​

SSL (Secure Sockets Layer) is a standard security protocol for establishing encrypted links between a web server and a browser in online communication. The usage of SSL technology ensures that all data transmitted between the web server and browser remains encrypted.
An SSL certificate is necessary to create an SSL connection. You need to provide all details about the identity of your website and your company when you activate SSL on your web server. Following this, two cryptographic keys are created: a Private Key and a Public Key.

Learn More: Why SSL is Critical?​

To force your web traffic to use HTTPS, you need to edit the codes in the .htaccess file.

Editing .htaccess File​

The .htaccess file contains instructions or directives that tell the server how to act in certain scenarios and directly affects how your website functions. Common directives in the .htaccess file include:
  • Redirects
  • Rewriting URLs
Ways to edit an .htaccess file:
  1. Edit the file on your computer and upload it to the server using FTP.
  2. Use “Edit” mode in an FTP program that allows you to edit a file remotely.
  3. Use a text editor and SSH to edit the file.
  4. Use the File Manager in cPanel to edit the file.
Editing .htaccess in cPanel File Manager:

Backup your website in case something goes wrong.
  1. Login to cPanel.
  2. Go to Files > File Manager > Document Root for your domain.
  3. Select the domain name you want to access.
  4. Check “Show Hidden Files (dotfiles)”.
  5. Click “Go”.
  6. After a new tab or window opens, look for the .htaccess file.
  7. Right-click on the .htaccess file and click on “Code Edit” on the menu.
  8. A dialogue box may pop up asking about encoding. Click the “Edit” button to continue.
  9. Edit the file as needed.
  10. “Save Changes” when done.
  11. Test your website to make sure it is done correctly. If there is an error, restore the previous version and try again.
  12. Once you are done, click “Close” to close the window.

Redirecting HTTP to HTTPS​

1. Redirect All Web Traffic
If you have existing code in your .htaccess file, add the following:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$$1 [R,L]
2. Redirect Only a Specific Domain
For redirecting a specific domain to use HTTPS, add the following:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourdomain\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$$1 [R,L]
3. Redirect Only a Specific Folder
To redirect to HTTPS on a specific folder, add the following:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} folder
RewriteRule ^(.*)$$1 [R,L]
Note: Replace “yourdomain” with your actual domain name wherever required. Also, in the case of a folder, replace /folder with the actual folder name.

Think this was helpful? Share this article to help others move to HTTPS.