Search Our Database

How To Enforce SSL or HTTPS Using .htaccess And mod_rewrite

Last updated on |
by

If your website deals with important information such as credit card numbers or any real-life personal information and/or has money based transaction and payment, it is best to ensure your visitors are browsing your site over a secure connection.

An easy way to ensure your visitors’ connection to your website is secured, you can rewrite your .htaccess file to redirect your visitors to use a secured connection (https://).

Step 1 – Login into your web server.

Step 2 – Access your .htaccess file.

Step 3 – Open and edit your .htaccess file.

Step 4 – Add the following codes into .htaccess.

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

Note: .htaccess file must be located on your web server’s main folder.

If you would like to enforce a secure connection on certain pages of your website, you can use the following code and replace “www.domain.com/somefolder” with your own URL.

Note: .htaccess file must be located in the subdirectory of your chosen page.

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} somefolder 
RewriteRule ^(.*)$ https://www.domain.com/somefolder/$1 [R,L]