Force HTTPS/SSL Connection Using .htaccess
Securing your website with HTTPS is essential for protecting visitor data and improving your search engine rankings. This guide shows you how to automatically redirect all HTTP traffic to HTTPS using the .htaccess file.
Prerequisites
- An active SSL certificate installed on your domain (Faciotech provides free SSL certificates with all hosting plans)
- Access to your website's file manager or FTP
The .htaccess Redirect Code
Add the following code to your website's .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]How This Code Works
- RewriteEngine On - Enables the URL rewriting engine
- RewriteCond %{HTTPS} off - Checks if the connection is NOT using HTTPS
- RewriteRule - Redirects the request to the HTTPS version with a 301 (permanent) redirect
Where to Place the .htaccess File
- For your main domain: Place in the
public_htmlfolder - For an addon domain: Place in the addon domain's document root
- For a subdomain: Place in the subdomain's document root
Step-by-Step Instructions
- Log into your cPanel account
- Open File Manager
- Navigate to your website's document root (usually
public_html) - If
.htaccessexists, click to edit it. If not, create a new file named.htaccess - Add the redirect code at the top of the file
- Save the file
- Test by visiting
http://yourdomain.com- it should redirect tohttps://yourdomain.com
Alternative: Force SSL for a Specific Folder
To force HTTPS only for a specific folder (like an admin area):
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/admin [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]Troubleshooting
- Redirect Loop - Make sure your SSL certificate is properly installed
- Mixed Content Warnings - Update internal links and resources to use HTTPS
- 500 Error - Check for syntax errors in the .htaccess file
Need help? Contact our support team for assistance.
