How to redirect users to SSL-enabled connections

This article demonstrates how to redirect users to secure (https://) web site connections, even if they type a non-secure URL (http://) in their web browser. This article applies to Linux servers using Apache or Apache compatible web servers. For Windows servers see this article.

Redirecting users to SSL-enabled connections

You may want to ensure that visitors to your web site always use a secure connection. To do this, you can use Apache rewrite rules in a custom .htaccess file.

If you use the rewrite rules in an .htaccess file in the web site's root directory, all requests will be redirected to HTTPS connections. Alternatively, you can modify the rewrite rules in a specific directory's .htaccess file to limit redirection to files in that directory.

The following lines demonstrate how to redirect users from a non-secure URL (http://) to a secure URL (https://) using an .htaccess file. Replace example.com with the domain name associated with your own SSL certificate:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://example.com/$1 [R=301,L]

Related Articles

• Introduction to SSL

  What is SSL, and why would I use it? If you have never worked with SSL certificates before, we recommend you start here.

• Using .htaccess files

  Learn what .htaccess files are, and how you can use them to customize the web server’s configuration for your web site.

• Redirecting users to SSL connections in Plesk

  You can configure your web site to redirect users so they always use a secure HTTPS connection, even if they type a non-secure HTTP URL in their web browser. Please note that this article only applies to accounts that have Plesk.