http to https through .htaccess

Question

I've had a look through existing questions, but I haven't really come across anything which works for me.

I'm currently running a site with a Secure SSL certificate. It can be accessed at https://www.example.co.uk a problem is the site can also be accessed at http://www.example.co.uk - I don't want this to be possible. I need it to redirect from http to https.

I found this one snippet of code to use in an .htaccess file.

Options +FollowSymLinks 
RewriteEngine on 
RewriteCond %{HTTP_HOST} ^example.co.uk [NC] 
RewriteRule ^(.*)$ https://example.co.uk/$1 [L,R=301]

This works fine when the user enters example.co.uk into their address bar, but I also need to add a conditional statement of some sort so that if the user enters 'www.example.co.uk' or 'http://www.example.co.uk'.

I've tried using the likes of [OR], but this ends up creating server errors.

Any help and suggestions is appreciated.

Cheers.

Answer 1

Try the following:

 RewriteEngine On
 RewriteCond %{HTTPS} !=on
 RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

Also, you can also redirect based on port number, for example:

 RewriteCond %{SERVER_PORT} ^80$
 RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

This will redirect all requests received on port 80 to HTTPS.

Answer 2

Add the following code in .htaccess file.

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

change example.com with your website domain

URLs redirect tutorial can be found from here - Redirect non-www to www & HTTP to HTTPS using .htaccess file

Answer 3

Try this, I used it and it works fine

Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Answer 4

Try this:

RewriteEngine On

RewriteCond %{HTTPS} off

RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

Source: https://www.ndchost.com/wiki/apache/redirect-http-to-https

(I tried so many different blocks of code, this 3 liner worked flawlessly)

Answer 5

For me work ONLY this variant:

RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Thanks https://www.reg.ru/support/hosting-i-servery/sajty-i-domeny/kak-dobavit-redirekt/redirekt-s-http-na-https (in Russian)

Answer 6

I try all of above code but any code is not working for my website.then i try this code and This code is running perfect for my website. You can use the following Rule in htaccess :

<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On

//Redirect http to https
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^(www\.)?example\.com
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

//Redirect non-www to www
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301]

</IfModule>

Change example.com with your domain name and sorry for my poor english.

Answer 7

# Switch rewrite engine off in case this was installed under HostPay.
RewriteEngine Off

SetEnv DEFAULT_PHP_VERSION 7

DirectoryIndex index.cgi index.php

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

# RewriteCond %{HTTP_HOST} ^compasscommunity.co.uk\.com$ [NC]
# RewriteRule ^(.*)$ https://www.compasscommunity.co.uk/$1 [L,R=301]

Answer 8

To redirect http://example.com or http://www.example.com to https://www.example.com in a simple way, you can use the following Rule in htaccess :

RewriteEngine on

RewriteCond %{HTTPS} off
RewriteCond www.%{HTTP_HOST} ^(?:www\.)?(www\..+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [NE,L,R]

[Tested]

%{REQUEST_SCHEME} variable is available since apache 2.4 , this variable contains the value of requested scheme (http or https), on apache 2.4 you can use the following rule :

RewriteEngine on


RewriteCond %{REQUEST_SCHEME} ^http$
RewriteCond %{HTTP_HOST} ^(www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [NE,L,R]

Answer 9

There are better and more secure ways to make sure that all your traffic goes over https. For example setting up two virtual hosts and redirecting all traffic from your http to your https host. Read more on this in this answer here on security.stackexchange.com.

With setting up a virtual host for redirecting you can send a 301 status (redirect permanently) so the browser understands that all the following requests should be sent to the https server where it was redirected to. Hence no further http requests will be made after the first redirect response.

You should also carefully check the given answers because with the wrong rewrite rules set you might loose the query params from your incoming requests.

Answer 10

If you want to redirect HTTP to HTTPS and want to add www with each URL, use the htaccess below

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L] 

it will first redirect HTTP to HTTPS and then it will redirect to www.

Answer 11

Since this is one of the top results in the search, if you're trying to add http to https redirect on AWS beanstalk, the accepted solution will not work. You need following code instead:

RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule ^.*$ https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]

Answer 12

Try this RewriteCond %{HTTP_HOST} !^www. [NC] RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

Answer 13

Perfect Code Going to HTML index :

RewriteEngine on
RewriteCond %{HTTP_HOST} ^YourNameWebsite\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.YourNameWebsite\.com$
RewriteRule ^/?$ "https\:\/\/YourNameWebsite\.com\/index\.html" [R=301,L]

Or

Perfect Code Going to PHP index :

RewriteEngine on
RewriteCond %{HTTP_HOST} ^YourNameWebsite\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.YourNameWebsite\.com$
RewriteRule ^/?$ "https\:\/\/YourNameWebsite\.com\/index\.php" [R=301,L]

Answer 14

None of these worked for me, except for this. My site was hosted in https://www.asmallorange.com

RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

Answer 15

The below code, when added to the .htaccess file, will automatically redirect any traffic destined for http: to https:

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</IfModule>

If your project is in Laravel add the two lines

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

just below RewriteEngine On. Finally your .htaccess file will look like the following.

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>

    RewriteEngine On

    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} (.+)/$
    RewriteRule ^ %1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
</IfModule>

Visite here to more information

Answer 16

in .htaccess file add following line to restrict http access

SSLRequireSSL

Answer 17

for some reason its inverted in my host so if i want it to reditect i need to check if https is on and then redirect to https

RewriteCond %{HTTPS} =on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]

is the code i use