How to enable SSL for Drupal

This article describes how to enable SSL for a Drupal site.

This article assumes that you already have a valid, functioning SSL certificate installed on your web site. If you do not have an SSL certificate for your site yet, please see our SSL certificate options or use Sectigo certificates available with most accounts.

Enabling SSL for Drupal

You can use .htaccess settings to automatically redirect users to secure (https://) web site connections, even if they type a non-secure URL (http://) in their web browser.

Additionally, you can use .htaccess settings to automatically redirect users who do not include the www prefix. For example, many third-party SSL certificates are only valid for one specific domain, so web site owners often set up an SSL certificate for the www subdomain ( However, this means that visitors to the site may receive a security warning if they go to without the www prefix. An .htaccess directive enables you to prevent this from occurring.

To configure these settings, follow these steps:

  1. Use a text editor to open the .htaccess file in the directory where you installed Drupal. To do this, you can log in to your account using SSH and a command-line text editor, or you can use the text editor in the cPanel File Manager.
  2. Copy the following text and paste it into the .htaccess file:
    RewriteEngine On
    RewriteCond %{HTTP_HOST} !^www\.
    RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    If you do not want to redirect users who omit the www prefix, do not include the second and third lines in your .htaccess file.
  3. Save your changes to the .htaccess file.
  4. Test the new configuration. Using the Apache directives listed in step 2, the following should happen:

    • A user who types or is redirected to (Replace with your own domain name.)
    • A user who types is redirected to (Replace with your own domain name.)

Using cPanel SSL with Drupal

Using an SSL certificate from a recognized Certificate Authority is recommended for the best results when enabling SSL for Drupal. cPanel SSL is a free, automated, and open certificate authority and is recognized by most modern browsers. cPanel SSL is supported for all new A2 Hosting accounts and certificates can be generated automatically for immediate use. For more information about cPanel SSL, please see the Related Articles section.

Did you find this article helpful? Then you'll love our support. Experience the A2 Hosting difference today and get a pre-secured, pre-optimized website. Check out our web hosting plans today.

We use cookies to personalize the website for you and to analyze the use of our website. You consent to this by clicking on "I consent" or by continuing your use of this website. Further information about cookies can be found in our Privacy Policy.