All Collections
Useful Tools and Tips
Using .htaccess to force https on your website
Using .htaccess to force https on your website
Justin Catello avatar
Written by Justin Catello
Updated over a week ago

Glad to see you’re looking to move your site over to load strictly over HTTPS. If you have a WordPress site, please use this article instead.

Add the following code to the top of your website’s .htaccess file.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Please bear in mind, this is a generic way of doing it, so ANY domain within your account may also be affected by this depending on if the domain is located within a folder in the same location of the .htaccess file you modified. If this is the case and you only want to force HTTPS for a specific domain, its best to use the following:

RewriteEngine On 
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

Using the above will ensure only ‘example.com’ gets redirected to HTTPS and no other domains which may be affected.

If when done, you are noticing that your site has mixed content warnings(no green lock), please check out the following article.

Did this answer your question?