How to Dynamically Force SSL Using htaccess
Ever thought of how you could dynamically force SSL using htaccess? Are you a web hosting provider? A web designer? Or a webmaster for one or more websites? You probably already know how powerful the .htaccess file is and can mean to be. There are a number of rules and directives that can be used within the .htaccess file to modify the behavior of the server when a directory or file is accessed. It will tell the server how to server a file, directory or content when accessed by a website visitor. Not just that. The .htaccess does just a lot! For a complete guide of the .htaccess file usage, including examples, visit the Apache .htaccess Guide, Tutorials & Examples and the htaccess Files – The Apache Software Foundation! resources.
In one of our previous articles, we showed you how important it is to Secure Your Website With An SSL Certificate. Maybe you have already bought one of our premium SSL Certificates or are utilizing one of our free SSL Certificates available within your hosting control panel. Whichever case it maybe, installing the SSL does not mean that your website traffic will automatically be directed towards the https secure URL version of your website. In fact, none of your website visitors has that extra time to type the https part of your website address. To make the best use of your SSL, you may have to direct the server to redirect all non-SSL URLs of your website to the their corresponding https versions.
In this article, we shall learn how to dynamically force SSL using the .htaccess file. You probably landed here after a serious search. Maybe because you want to redirect all your website traffic towards the https version of your website URL. Yes, we read your mind. The answer you are looking for is right here. Just a few lines of code. So, let’s get down to the work. And, first things first.
Locate Your Web Root or Document Directory
We want to force all our website traffic to use https. Therefore, the .htaccess we shall use must be located in our web root. If you are hosting your website on a Jubilee Web Host shared or reseller hosting account, then your document root or web root or root web directory is public_html. So, you will have to navigate to the public_html directory.
This article assumes that you already know how to access your hosting account files and folders using cPanel File Manager or an FTP client.
Create The .htaccess File
If the .htaccess file does not already exist in your web root directory, you can create it by clicking the New File icon in top left hand corner of your File Manager window. If you are using an FTP client, you may want to create the file on your local computer before uploading it to your hosting account on the server. Some FTP clients like FileZilla also allow you to directly create a new file on the server.
Please note that by default, the .htaccess file is hidden and invisible. In your File Manager window, click the Settings icon in the top right corner, select Show Hidden Files (dotfiles) and then click save to show or expose the .htaccess and any other hidden files.
Edit the .htaccess File
It is now time to add our code. Now open the .htaccess file for editing.Add the following code at the beginning of the file:
#BEGIN Force SSL
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#END Force SSL
Save the file.
Done!