Skip to content

Dear Internet Explorer user: Your browser is no longer supported

Please switch to a modern browser such as Microsoft Edge, Mozilla Firefox or Google Chrome to view this website's content.

Code
Adam Dimech’s Coding Blog

Redirect HTTP to HTTPS

Use .htaccess to redirect all server traffic from HTTP to HTTPS

The following code, which can be added to a server’s .htaccess file, will redirect all traffic from HTTP to HTTPS:

RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Bear in mind that this solution may not be suitable for all situations.

If some link or form on the HTTPS site makes the client send a request to the HTTP site, its content will be visible before the redirection. As an example, if a page served over HTTPS contains a form link such as <form action="http://example.com/something"> which an end user submits, the browser will send the data in full to the HTTP site first.

Best practice is that links in HTTPS pages should not contain protocol references or should otherwise only refer to HTTPS. For example: <a href="//www.example.com">Link to site</a>

More information is available on the Apache website.

   

Comments

No comments have yet been submitted. Be the first!

Have Your Say

The following HTML is permitted:
<a href="" title=""> <b> <blockquote cite=""> <code> <em> <i> <q cite=""> <strike> <strong>

Comments will be published subject to the Editorial Policy.