How to force https (SSL) on a website using .htaccess

2019 / 10 / 27

In this article, we will go through on how to force a website to load securely on HTTPS using .htaccess.

The HTTPS is the secure protocol for website requests. When you have installed the SSL certificate on your website, your site will load both on HTTP and HTTPS. When your site was on HTTP previously and after installing an SSL certificate, your domain will open on HTTPS but you will notice that the website assets (images, CSS and JS) get broken. So, it is required to fix your URLs both in the application (if you have hardcoded URLs in the database or config file).

Here is a quick fix for forcing the website to load on HTTP:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

You have to add the above code in .htaccess website which is located in the public or home directory of your website. If your website is already using .htaccess file then you can simply add the code or you can create a new .htaccess file if it is not existing. However, it is required to be careful in working with .htaccess as it can easily break your website.

You can also read about how to force a website to load on www using .htaccess and how to force a WordPress website to load on https.

Hi, I am a full-stack web developer with 5+ years of experience in working with different web technologies. Do you want to ask something? just send me a message through the contact form. Please visit my portfolio at hamzamehmood.com. Thanks