cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution
New

How To Force HTTPS on an Apache webserver?

I set up a free SSL on my website through sslforfree.com but I'm not getting the padlock. When I went to whynopadlock.com I received the following information to fix the problem:

 

Forcing the use of HTTPS:// on your site will ensure that visitors to your site are always using https://www.w******s.com and aren't able to access an insecure http://www.w******s.com URL. This is recommended since if a visitor does access your site as http://www.w*******s.com everything will be marked as "Not Secure".

Below code is for forcing HTTPs on an Apache webserver. If you are using another webserver such as lighttpd, nginx, etc you will need to contact your web hosting provider for assistance.

Add the following code to the .htaccess file in your webhosting account:

RewriteEngine On
RewriteCond %{HTTP_HOST} w******s\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.w*******s.com/$1 [R,L]

Once this change is made your site will no longer be accessible on the insecure "http://www.w********s.com" URLs and all visitors will be redirected to "https://www.w********s.com" instead.

 

So my question is, How do I add code to the .htaccess file in my webhosting account?

Thanks,

Henry

2 ACCEPTED SOLUTIONS
Super User II

Check if you already have an .htaccess file in your root directory, if not you can create one.  Here are the steps.

https://www.godaddy.com/help/redirect-my-cpanel-website-to-https-27870

View solution in original post

The .htaccess file in the root directory should affect sub-folders as well.  It could be a cache issue.  Try it in a private/incognito window or bypassing your cache.

https://en.wikipedia.org/wiki/Wikipedia:Bypass_your_cache

View solution in original post

5 REPLIES 5
Super User II

Check if you already have an .htaccess file in your root directory, if not you can create one.  Here are the steps.

https://www.godaddy.com/help/redirect-my-cpanel-website-to-https-27870

View solution in original post

That worked Nate. Thank you very much.

My main index page is now showing the lock but when I click on any of the links to my other pages, they are showing the same "Not Fully Secure" warning that I had previously on my main page. Can this be solved by doing the same thing, putting the .htaccess file in each directory? And if so, what goes in each file?

The .htaccess file in the root directory should affect sub-folders as well.  It could be a cache issue.  Try it in a private/incognito window or bypassing your cache.

https://en.wikipedia.org/wiki/Wikipedia:Bypass_your_cache

View solution in original post

That did it. I'm very grateful for your help. Thank You Nate!

No problem, welcome to the community!