How to Redirect Website from HTTP to HTTPS?

Go HTTPS; it doesn’t cost anything, and yet you get search engine ranking and security.

HTTPS should be everywhere and lately; Google has considered this as a ranking signal to their search engine results.

There are two primary reasons you should consider securing your website with an SSL certificate.

• Security – to ensure sensitive data is encrypted from a user browser to the web server or network edge. Having SSL also give some trust to the visitor that your website is secure.
• SEO – HTTPS is a new ranking signal, and the big boss is watching you, so don’t be behind in the race.

If you are worried about the cost then let me remind you, you can get the SSL certificate in FREE from many issuers. And most of the shared hosting offers free SSL.

There are many ways to put this redirection, and the following is the easiest one I find.

1HTTPS Redirection in Apache

• Login to your Apache server and go to the path where it’s installed.
• Go to conf folder and take a backup of httpd.conf file
• Open httpd.conf using your vi editor (choose your favorite editor)
• Ensure mod_rewrite.so module is loaded

LoadModule rewrite_module modules/mod_rewrite.so

If you see above line is commented then uncomment it

• Add the following at the end of the file

RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Restart Apache webserver to test it.

A configured website should be able to redirect and accessible on https.

2HTTPS Redirection in Nginx

Login to Nginx web server and take a backup of nginx.conf or default.conf file (whatever file you are using for server directive)

• Add the following in server directive

return 301 https://$server_name$request_uri;

• Save the file and restart Nginx web server.

Restart Nginx to test the site.

3HTTP Redirection in Cloudflare

If you are leveraging Cloudflare for performance and security, then having a website through HTTPS is very easy.

• Login to Cloudflare >> select the site
• Go to Crypto tab and scroll down to see the following

• Ensure it turned ON

There is another way, page rules.

• Go to Page Rules
• Click “Create Page Rule”
• Enter the URL (put the asterisk, so redirection happens for all the URI)
• Click “Add a Setting” and select “Always Use HTTPS” from the drop-down

• Click “Save and Deploy”

It will take a few seconds, and you are all set to have your website accessible through https. After using Cloudflare if your site breaks due to mixed content, then check out the following guide.

Cloud Flare SSL breaks WordPress & Joomla and how to fix it

4HTTPS Redirection in cPanel

Pre-requisite: assuming you are using this for shared hosting, ensure hosting provider offer SSL and enabled for your site.

Most of the shared hosting provider offers cPanel and an option to modify .htaccess where you can enter the following code to start the redirection.

RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Note: if you already have “RewriteEngine On” in your existing .htaccess file then you don’t need to duplicate it.

5HTTPS Redirection in SUCURI

SUCURI offer FREE cert under WAF plan, and you can enable it by navigating to HTTPS/SSL tab.

First, select “Full HTTPS” in SSL mode.

Second, select “HTTPS only site” in protocol redirection.

Save the configuration, and in a few seconds, you will have your site accessible through https.

What’s next?

Once you setup the redirection, ensure all the resources are getting loaded over HTTPS. You can use the Mixed Content Testing tool to verify if any resource is still getting loaded over HTTP.