How to force HTTPS using .htaccess for your website

After you install an SSL certificate for your domain, your website will continue to be available via HTTP and HTTPS. You will want to force ALL traffic through HTTPS for better security and website data encryption. You can accomplish this by simply adding a few lines to your .htaccess file. This file usually resides in the root directory of your website.

Forcing HTTPS for entire website

  1. Go to your root website directory either via FTP or from your provided File Manager from your hosting provider.
  2. Find the file .htaccess. If you are unable to find this file, you may need to show hidden files or simple create a new file.
  3. If you code already has “RewriteEngine On”, paste the code directly below it. It will look like this:
RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

4. Save your changes.


That’s it! You have successfully updated your .htaccess file and redirected all your website traffic to HTTPS. Keep in mind that whenever you link your website, whether from an internal page or external, always link it using https. For example:

Related Posts

Special offer:

10% OFF

for a limited time

Use Code: BLPROMO10 at checkout!