Force HTTPS via .htaccess

Do you have a valid SSL certificate installed and you’re wondering why your website is still marked as insecure?

This occurs because some browsers by default request websites over HTTP protocol (rather than a secure HTTPS protocol). To ensure your website is served over a secure connection, you need to implement a force redirect so all traffic is redirected from HTTP to HTTPS.

This guide will teach you how to implement a force HTTPS redirect so all traffic visits your site over a secure connection

Please ensure you have the following requirements:

1. A valid SSL certificate – Your website must have a active SSL certificate, if you don’t have a SSL certificate installed, please follow our guide on how to install a Let’s Encrypt certificate before proceeding.
2. SSH Access – Serversaurus relies on key based authentication to login via SSH/SFTP, if you haven’t already, generate your SSH key pair and configure it in cPanel before proceeding with the next steps.

Let’s get started!

1. Open your terminal window and SSH to your hosting server:

   ssh username@yourserver.serversaurus.com.au

2. Change into your public_html directory (or alternative document root location):

   cd public_html

3. Open the .htaccess file:

   vi .htaccess

4. Add the following text to the beginning of your .htaccess file by typing i and then paste the text into the window: RewriteEngine on RewriteBase / RewriteCond %{HTTPS} !=on RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
5. Once completed press esc and enter :wq to save.

Open your browser and enter your domain name, your site will now be redirecting to HTTPS!