Force https

Without HTTPS active, even with an installed certificate, your site will not be correctly secured using SSL/TLS. Therefore, it’s important it is enabled to reap the benefits of having an SSL/TLS certificate.

Why should I force HTTPs on my site?

HTTPS is the secure version of HTTP. Alongside SSL, it helps ensure that privacy and data integrity is maintained across your site. 

The importance of both HTTPS and SSL is well documented. Browsers such as Google Chrome and Mozilla Firefox will show sites as untrustworthy or dangerous if they are not active. 

Interested in learning more about SSL and the different types of certificates?

Force HTTPS with .htaccess

[custom_alert type=”primary”].htaccess is a dot file, these files are hidden by default. To access the file, you will first need to enable viewing of hidden or dot files within the settings area of your chosen panel or FTP software.[/custom_alert]

1. For example, in cPanel, hidden files are enabled by clicking the settings cog.

cPanel enable hidden files in settings
Enabled .dot files

2. To redirect your website to HTTPS. Enter the following to your .htaccess file.

[custom_code_block id=”rewrite-code-copy”]RewriteEngine On

RewriteCond %{HTTPS} off

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301][/custom_code_block].

3. After you have added this text to your .htaccess file, save it.

4. You can test if it was successful by entering the site URL in your browser.

Forcing HTTPS in cPanel

1. Firstly, log in to your cPanel control panel, navigating to “SSL/TLS Status” in the Security section.

2. From here, you can select the domain you’d like to install an SSL on.

3. Run AutoSSL sit back and relax whilst it runs. When it completes successfully, the page will update with a success notification. cPanel will then request a certificate from the issuing authority. If successful, it will be visible in AutoSSL.  

Forcing HTTPS in Plesk

1. First, log in to the Plesk control panel and click Websites & Domains in the left sidebar.

2. From here, choose the domain to configure and click Hosting Settings

3. Select SSL/TLS support and Permanent SEO-safe 301 redirect from HTTP to HTTPS checkboxes under Security

4. Select the corresponding SSL certificate from the Certificate drop-down list

5. Finally, Confirm the changes by clicking the OK button