Skip to main content

Force HTTPS via .htaccess (cPanel)

  • Updated
Do you have a active SSL certificate and you're wondering why your website is still marked as insecure? this happens because most popular browsers default to request websites over HTTP connection (rather than a secure HTTPS connection). To ensure your website is served over a secure connection, you must implement a force redirect so all traffic requesting your website over HTTP is redirected to HTTPS.
 
This guide will teach you how to implement a force HTTPS redirect so all web traffic visits your site over a secure connection.

This article is for users who prefer using the cPanel GUI, we have another guide for users who prefer to make these changes using CLI.

Note: To complete this guide, your website must have a active SSL certificate. If you don't have a SSL certificate installed, please follow our guide on how to install a Let’s Encrypt certificate first.

  1. Login to your cPanel account. If you have forgotten your cPanel credentials, they were included in the original Welcome to Serversaurus email which you should find in your inbox otherwise follow these instructions on how to update your cPanel password.
  2. Using search bar, find the File Manager function.
  3. Go to Settings in the top left hand corner, make sure Show Hidden Files (dotfiles) is selected, remember to save changfilemanagersetttings.pngScreen-Shot-2018-06-08-at-4.46.05-pm.png
  4. Select your websites document root from the directory listing on the left hand side of page. Your document root will most likely be public_html.
    directorylistingfilemanager.png
  5. Locate a file named .htaccess, if this file is not present, you will have to create the file. Otherwise as a security measure please copy the .htaccess and name the duplicate file .htaccessold.filemanagertoolbar-1.png
  6. Using the Edit function, add the below entry to the beginning of your .htaccess file. Your .htaccess may already have line 1 & 2 present, in which case just copy line 3 & 4. Save changes.
RewriteEngine on
RewriteBase /
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] 


To confirm your changes are successful, open your browser and enter your domain name, your site should be redirecting to HTTPS!

Screen-Shot-2018-06-26-at-4.09.01-pm.png

 

Related articles

Comments

0 comments

Please sign in to leave a comment.