Let me assume you are concerned about your website’s safety or make it more secure. And you would like to know what is HTTPS, different from HTTP. You might have an SSL certificate and you don’t know how to Force HTTPS without any plugins or using .htaceess.

What is HTTPS?

Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is the protocol where encrypted HTTP data is transferred over a secure connection. By using secure connections such as Transport Layer Security (TLS) or Secure Sockets Layer (SSL), the privacy and integrity of data are maintained and authentication of websites is also validated.

Different from HTTP

HTTPS URLs begin with “https://” and use port 443 by default, whereas, HTTP URLs begin with “http://” and use port 80 by default. HTTP is not encrypted and thus is vulnerable to man-in-the-middle and eavesdropping attacks, which can let attackers gain access to website accounts and sensitive information, and modify webpages to inject malware or advertisements. HTTPS is designed to withstand such attacks and is considered secure against them.

Let’s code for .htaccess

At times you may need to force https across your site or in just certain sections. The recommended way to do this is with a 301 (permanent) redirect. You can add the following code to your existing .htaccess, or if you don’t have a .htaccess present than go ahead and create one.

Now let’s say you have a website in your domain’s root directory that you do not want to force HTTPS, but you have another section of the site in /other that you want to force HTTPS on. To do this would look like this:

For a specific page it would look like this:

As always if you have any issues implementing these, or have questions don’t hesitate to contact our support!

How to force HTTPS redirection using .htaccess

The article was published on September 11, 2019 @ 1:49 PM

Leave a Comment