Knowledge base article

Force HTTPS via .htaccess (cPanel)

View other domains and DNS articles

Do you have a valid SSL certificate installed and you're wondering why your website is still marked as insecure?

This occurs because some browsers default to requesting websites over HTTP protocol (rather than a secure HTTPS protocol). To ensure your website is served over a secure connection, you need to implement a force redirect so all traffic is redirected from HTTP to HTTPS.

This guide will teach you how to implement a force HTTPS redirect so all traffic visits your site over a secure connection

This article is for users who prefer using the cPanel, we have another guide for Terminal users who prefer to make these changes using CLI.

Please ensure you have the following requirements:

  1. A valid SSL certificate - Your website must have a active SSL certificate, if you don't have a SSL certificate installed, follow our guide on how to install a Let's Encrypt certificate before proceeding.
  2. Your cPanel login details - These were included in the original Welcome to Serversaurus or IMPORTANT: Hosting Documentation email which you should in your inbox otherwise follow these instructions on how to update your cPanel password.

Let's get started!

  1. Login to cPanel
  2. Using the search bar, locate the File Manager function
  3. Navigate to Settings in the left hand corner and ensure Show Hidden Files (dotfiles) is enabled and Save

  4. Select public_html from the list of directories on the left hand side
  5. Locate a file named .htaccess, if this file is not present, create the file using + File or if you have a .htaccess file, as a precaution use the Copy option to make a copy of the .htaccess, name the duplicate file .htaccess_backup
  6. Using the Edit option, add the below text to the beginning of your .htaccess file. Your .htaccess may already have line 1 & 2 present, in which case just add line 3 & 4 and Save
    RewriteEngine on
    RewriteBase /
    RewriteCond %{HTTPS} !=on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Your website will now be loading securely over HTTPS!

Last updated November 30, 2023

Can't find what you're looking for?

Submit a question

  • Drop files here or
    Max. file size: 2 MB, Max. files: 3.
    • This field is for validation purposes and should be left unchanged.