If you’re not yet on HTTPS, the browser is going to through a “Not Secure” warning on your website. For compliance purposes, you need to have an SSL-encrypted connection. Once, you have installed SSL, it is crucial to redirect HTTP to HTTPS.

What is HTTP to HTTPS Redirect?

Earlier, the most common redirect concern was to properly redirect the www version of the site to the non-www site, or vice-versa. However, with the introduction of SSL certificates, HTTP to HTTPS redirect has taken over.

For example, consider magehost.com website. Our canonical address is https://magehost.com. However, a user can connect to our website in 4 ways:

SourceType
http://magehost.comHTTP + no-www
https://magehost.comHTTPS + no-www
http://www.magehost.comHTTP + www
https://www.magehost.comHTTPS + www

In this article, we’ll see how to redirect HTTP to HTTPS connection with www:

1. Redirect HTTP to HTTPS in Apache

Before we get to redirecting HTTP to HTTPS using .htaccess file, here’s how you can edit the .htaccess file:

How to edit a .htaccess file:

To force your traffic to HTTPS, edit the codes in the .htacess file. If you already know this step, you can move to the redirection part.
There are instructions in the .htaccess file that describe the server how to perform in certain scenarios. This affects how your website functions.

Most common instructions are:
1. Rewriting URLs
2. Redirects

3 Ways to edit a .htaccess file:
  • Edit the file on your PC and upload it to the server via FTP.
  • Use “Edit” mode in FTP program allows you to edit a file remotely.
  • Use SSH and a text editor to edit files.

1.1. Redirecting all web traffic

To redirect all traffic to HTTPS, add the following to existing code:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.magehost.com/$1 [R=301,L]

1.2. Redirecting specific domain

To redirect a specific site to use HTTPS:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^(www.)?magehost.com
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.magehost.com/$1 [R=301,L]

1.3. Redirecting specific folder

To redirect HTTP to HTTPS on a specific folder, add the following code:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} folder
RewriteRule ^(.*)$ https://www.magehost.com/folder/$1 [R=301,L]

1.4. Force redirect to 301

To force traffic to HTTPS, use the following code:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Note:
1. Replace “magehost” with your domain name wherever required.
2. Replace /folder with the actual folder name.

2. Redirect HTTP to HTTPS in Nginx

Nginx is the fastest growing web server. We use Nginx in our server stacks for optimized performances.

2.1. Redirect all traffic to HTTPS

server {
     listen 80 default_server;
server_name _;

return 301 https://$host$request_uri;
}

2.2. Redirect specific sites to HTTPS

server {
    listen 80;

    server_name magehost.com;
    return 301 https://magehost.com$request_uri;
}

Conclusion

Almost all websites are on HTTPS now. Share this article to bring the rest the websites on an encrypted connection. If your web host is not taking care of your website security, move to a Managed hosting provider to keep your website security bulletproof.