Redirect website from http to https

HTTPS (Hypertext Transfer Protocol Secure) is a secure extension of HTTP (Hypertext Transfer Protocol) that secures connection between the computer network. Moving your website from http to https is a must in this time where the number of cyber attacks per day is above 4000. This article discuss on how to redirect to https from http. In the first section, we will walk through on how to set up free SSL certificate. In later section, will explore different ways to redirect for apache server and wordpress settings.

https secure
This image is from https://commons.wikimedia.org/wiki/File:DV-SSL-example.png

Install “Let’s Encrypt” SSL Certificate

  • Go to cpanel and select “SSL/TLS Status”. Select all the domains and click on “Run AutoSSL”, this process will take a while.
  • Go back and navigate to “Manage SSL Hosts” section and scroll down. In “Install an SSL Website” section under ‘Domain’ select your domain + subdomain.
  • Click on “Autofill by Certificate”. This will autofill Certicate. private key and Certificate Authority Bundle sections.
  • Click on install certificate and “Let’s Encrypt” certificate will be installed on your domain.
  • Optional: Go back to cpanel and navigate to domain section and click on “manage domain”. If “Force HTTPS Redirect” option is available, toggle it to ON.

Note: This is a free SSL certificate and validates only the domain. You might need to purchase a paid SSL certificate from issuing authority for extra security. The process mentioned above might change slightl depending on the hosting provider. Some hosting provider may not have the option to Force HTTPS Redirect.

Redirect to https using .htaccess file

Sometimes the above step alone is not enough for redirecting user using https. When user try to access your website by entering www.yourdomain.com, browser will show unsecured http version. To access through secured connection, the user might have to manually add https:// to the url.

Editing “.htaccess” file will solve this. Before editing the file, make a backup of the file since it is a system configuration file for the server. .htaccess file is located in the “public html” or “www” directory of the server. Access the file using built-in file manager in cpanel. If the file is hidden, go to settings of the file manager and enable “show hidden files”. Right click on the file, select edit and paste the code below.

RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

This will force redirect raffic using https. If you are using wordpress, adding this will throw error 302 and force to use http communication.

Redirect to https using for wordpress

In wordpress settings, go to “General” tab and change WordPress Address (URL) and Site Address from http:// to https://.

General tab in wordpress settings

Then in cpanel, locate wp-config.php file and add the code below.

define('FORCE_SSL_ADMIN', true);

Go back and locate .htaccess file in the root directory and add the code below and save.

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

Refresh the website and the website will open through https.

1 thought on “Redirect website from http to https”

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.