Skip to content

Redirect HTTP to HTTPS

G28th October 2015

CNo Comments

TApache, SSL

Use .htaccess to redirect all server traffic from HTTP to HTTPS

The following code, which can be added to a server’s .htaccess file, will redirect all traffic from HTTP to HTTPS:

RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Bear in mind that this solution may not be suitable for all situations.

If some link or form on the HTTPS site makes the client send a request to the HTTP site, its content will be visible before the redirection. As an example, if a page served over HTTPS contains a form link such as <form action="http://example.com/something"> which an end user submits, the browser will send the data in full to the HTTP site first.

Best practice is that links in HTTPS pages should not contain protocol references or should otherwise only refer to HTTPS. For example: <a href="//www.example.com">Link to site</a>

More information is available on the Apache website.

   

Comments:

No comments have yet been submitted. Be the first!

Have your say:

The following HTML is permitted:
<a href="" title=""> <b> <blockquote cite=""> <code> <em> <i> <q cite=""> <strike> <strong>

Comments will be published subject to the Editorial Policy.