Tech Quintal

How to Redirect HTTP to HTTPS

Redirect HTTP to HTTPS

Redirecting HTTP to HTTPS is one of the most important things to do once you migrated your website to the SSL version. Otherwise, your website will serve two versions of the same content in the form of a non-HTTP page and an HTTPS page. For example, if you setup the SSL certificate on your website and if your web hosting provider doesn’t have the automatic redirection option, you will not redirect the HTTP visitors to the HTTPS. Luckily, most of the known web hosting services such as Siteground will automatically redirect you to the SSL version once you use the Let’s Encrypt free SSL from their cPanel.

However, after installing the SSL, make sure that your HTTP website is properly redirecting every page to the HTTPS version. If not, just follow this guide to do so. While redirecting, there may be few variations of the software and systems. So, follow the steps under the correct one.

Never save your .httaccess or other mentioned files without confirming the code is correct. Even a single incorrect word could result in a website crash. But it can be reversed by deleting the added code. Always be cautious and rake a backup of the files before editing.

Linux & cPanel

Add the following code to your .httaccess file to redirect visitors from HTTP to HTTPS.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

There may be situations where you have to redirect some specific domains only to the HTTPS. If so, use the following code.

RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

You can also force a certain folder to use HTTPS. Here is the code.

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} folder
RewriteRule ^(.*)$ https://www.example.com/folder/$1 [R,L]

In the above two code snippets, be sure to replace the example.com with your website and folder with the desired folder.

Do not repeat the “RewriteEngine On ” if you already have it on your .httaccess file. Also, make sure that the above code is placed under the existing (If there) RewriteEngine On  line.

Windows & Plesk

Add the following code to your web.config to redirect non-SSL to SSL version.

<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <rule name="HTTP to HTTPS redirect" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{HTTPS}" pattern="off" ignoreCase="true" />
                    </conditions>
                    <action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />
                </rule>
            </rules>
        </rewrite>
    </system.webServer>
</configuration>

Make sure that all the opening tags closed properly and never repeat the existing tags in your web.config file. It means, if already there is a <configuration>  tag, you shouldn’t repeat it and should place the remaining code inside that tag, resulting in the above structure.

Apache

Apache HTTPS redirection can be done both using the .httaccess file and the httpd.conf file. We already discussed the .htaccess method. So, we are now looking into editing the httpd.conf file.

Go to the conf folder of your Apache server and add the following code to the httpd.conf file.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]

To redirect a specific page, use this code.

RewriteEngine On
RewriteRule ^apache-redirect-http\.html$ https://www.example.com/apache-redirect-http.html [R=301,L]

Be sure to replace apache-redirect-http\.html with your URL and example.com with your website.

Nginx

To redirect all HTTPS traffic to HTTPS in Nginx servers, add the following code to the Nginx config file.

server {
    listen 80;
    server_name domain.com www.domain.com;
    return 301 https://domain.com$request_uri;
}

IIS

Follow these steps to redirect your site traffic to HTTPS in IIS. This will only work in IIS7 and above.

  1. First of all, install the Microsoft URL Rewrite Module on your server.
  2. Then, Install SSL certificate.
  3. Uncheck the Require SSL under SSL Settings for your website.
    Redirect HTTPS to HTTPS in IIS7
  4. Copy-paste the code given below between the <rules> and </rules> tags in the web.config file in website root directory.
  5. That’s it, make sure that the server is redirecting your website to HTTPS. 
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
    <match url="(.*)" />
    <conditions>
        <add input="{HTTPS}" pattern="off" ignoreCase="true" />
    </conditions>
    <action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
</rule>

WordPress

Instead of spending time on the above given complicated SSL redirection codes, you could easily do the same by installing a WordPress plugin. We are going to use the Simple SSL Plugin available in the WordPress repository. You will also be able to install SSL certificates using this plugin. Download and install the plugin on your WordPress site, install SSL certificate if you didn’t already install. The plugin will automatically redirect your HTTP traffic to the HTTPS version. If not, check the configuration of the plugin.

Joomla

To configure HTTPS redirection in Joomla, there are two phases you have to follow. They are given below. Make sure to complete the phase 1 before stepping into the phase 2.

Phase 1 – Edit configuration.php file

  1. Open the configuration.php file
  2. Replace the line var $live_site =”;  with var $live_site = ‘https://www.example.com’; (Only if not already done.)
  3. Now, open the .htaccess file then add the following code at the bottom.





RewriteEngine On RewriteCond %{HTTPS} OFF RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}





Phase 2 – Enable Force SSL in Joomla





  1. Go to System > Global Configuration in the admin panel.
  2. Select the Entire Site option from the drop-down within the Server tab, in the Server Settings section.
  3. Click the Apply/Save button.
  4. That’s it. Check the HTTPS version of your website.





Magneto





Use the following rules to redirect HTTP to HTTPS in Magneto.





# Redirect all content to HTTPS
set $redirect "0";
if ($host ~* "^(www\.)?example.com$") { set $redirect "go"; }
if ($my_http = http)                  { set $redirect "go${redirect}"; }
if ($remote_addr ~ 172.16.0.(6[0-9])) { set $redirect "0"; }
if ($redirect = "gogo") {
  rewrite ^(.*)$ https://www.example.com$1 permanent;
}





AWS Load Balancer





In order to redirect your AWS Load Balancer from HTTP to HTTPS, follow the below steps –





  1. Open AWS console.
  2. Go to the Load Balancer in EC2.
  3. Navigate to “Listeners”.
  4. Select “View/edit rules” on the HTTP listener.
  5. Delete all rules except for the default one which is usually placed in the bottom.
  6. Finally, edit the default rule – 
    1. Choose “Redirect to” as an action.
    2. Leave everything as default.
    3. Enter “443” as a port.





Things to remember while redirecting HTTP to HTTPS





There are few things that you should be aware of before applying the HTTPS redirection on your website. We listed some of the below.





  • You should use the 301 permanent redirection while redirecting your website. Never use any other temporary redirection. It may result in the loss of the backlink juice which links to the HTTP version of your website. The 301 redirect directly passes the link juice without significant loss.
  • Don’t take redirection measures before confirming that all of your website pages are accessible from the HTTPS version too.
  • After applying the redirection, make sure that the site is not accessible from the HTTP version. In other words, if we enter http://example.com to the browser, it should take you to https://example.com.
  • Never save the code without double-checking everything is correctly entered.





That’s it. Make sure that you use the best SSL certificate provider for securing your websites.