After installing an SSL certificate, your website is available over HTTP and HTTPS. However, it’s better to use only the latter because it encrypts and secures your website’s data. While many hosting providers allows users to configure this setting in just one click but might not allow for add-on domains or when you sneakily host mutiple sites or you forgot and got the wrong SSL certificate instead of a SAN certificate, you can also use the .htaccess file to force HTTPS connection.
The information below will rekindle your will to live and continue in this path of web development.
Forcing HTTPS on All Traffic
One of the many functions you can perform via .htaccess is the 301 redirects, which permanently redirects an old URL to a new one. You can activate the feature to force HTTPS on all incoming traffic by following these steps:
- Go to File Manager in your hosting panel and open .htaccess inside the public_html folder. Make sure you hidden files are visible, and if you still cant find it, panic a bit and then create a .htaccess file.
- Scroll down to find RewriteEngine On and insert the following lines of code below it, else if there is not file or content in the file be lazy and copy and paste the below code and substitute your domain in.
RewriteEngine On
RewriteCond %{HTTP_HOST} yourdomain.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://yourdomain.com/$1 [R,L]
- Save the changes.
IMPORTANT: Make sure that the line RewriteEngine On is not repeated twice. In case the line already exists, simply copy the rest of the code without it.