Redirect all HTTP requests to HTTPS

If you have SSL/TLS set up on your server, you might need to force the site to redirect to the secure HTTPS version. If you need to know how to obtain the certificate, read about that here. Otherwise, create an .htaccess file in the root of your server with the following code.

RewriteEngine on
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]

If this causes a "too many redirects" error for you, you can replace RewriteCond %{HTTP:X-Forwarded-Proto} !https with RewriteCond %{HTTPS} !=on.

Leave a comment

Plain text only. Comment must be over 20 characters.

Join the newsletter

I write about JavaScript, programming, and front-end design. Join other developers in keeping up with my content. Unsubscribe whenever. Never any spam, ads, or affiliate links.