In the early days of the internet, you could probably get away with having an HTTP domain instead of a secure HTTPS one. But because hacking is so common now, it’s recommended that once you have a domain, one of the first things you should do is get an SSL certificate.
What’s an SSL certificate?
An SSL certificate encrypts data that passes between browsers and servers. This means that if you install an SSL certificate, any information that your visitors enter into your website will be kept secure. This is important for every website, especially since top browsers like Chrome and Firefox have started discouraging people from visiting websites that haven’t installed an SSL certificate. But if you have an eCommerce website or any other website where you need to collect your customers’ credit card information, having an SSL certificate isn’t just important – it’s mandatory. The rules for collecting credit card information online are governed by the PCI (Payment Card Industry). And to be PCI-compliant, you need to install an SSL certificate. We need to use .htaccess redirect to redirect visitors from HTTP to HTTPS. Here’s why:
Why redirect HTTP to HTTPS?
Adding an SSL certificate changes your URL from HTTP to HTTPS. This change isn’t automatic, so you’ll need to redirect each HTTP page to the HTTPS version, so that when your visitors try to visit the HTTP version of your website, they’ll automatically be taken to the HTTPS version, instead. The fastest way to do this is to use .htaccess redirect.
What’s .htaccess redirect?
Using .htaccess redirect lets you redirect your visitors from an old webpage to a new webpage without having to keep the old one. This is useful for things like moving your website to a new domain, adding custom error pages, and transferring your website from HTTP to HTTPS. To force a redirect, you’ll need to edit the .htaccess file. (If you already know how to edit .htaccess files, you can skip ahead to the sections on redirecting.)
Editing the .htaccess file
Within the .htaccess file, there are instructions that tell the server what to do in specific situations. Redirects and URL rewrites are two common instructions found in a .htaccess file.
Different ways to edit the .htaccess file
If you want to edit the .htaccess file, you have at least four options:1. Use a text editor and SSH.2. Use “Edit” mode in the FTP program, which allows you to edit files remotely.3. Edit the file on your computer and use FTP to upload it to the server.4. Use the File Manager in cPanel.
Editing .htaccess in the cPanel File Manager
Before you tinker with cPanel, be sure to back up your website, so you have something to return to if anything goes wrong. To edit .htaccess using the cPanel file manager, follow these steps:1. Login to cPanel2. Head to Files > File Manager > Document Root 3. Choose the domain name you want to access4. Check “Show Hidden Files (dotfiles)”5. Click Go 6. When the window opens, look for the .htaccess file7. Right click on the .htaccess file and click Code Edit on the menu8. When a dialog box pops up, click Edit 9. Edit the file10. Click Save Changes 11. To close the window, click Close Because you backed up your website before making any changes, if anything goes wrong with this process, you can always restore the previous version of your website and try again.
How to redirect HTTP to HTTPS with .htaccess redirect
To use .htaccess to redirect HTTP to HTTPS, you need to do the following: To locate the .htaccess file (if it already exists), type this command:find / -type f -name ".htaccess" If the command returns nothing, create the .htaccess file in the main document root folder. For the purposes of this example, your website will be called bearsontrampolines.com, and your folder will be called “folder”. Of course, you should substitute your actual domain name and your actual folder name when you’re typing the directives.
1. To redirect all web traffic
If you have existing code in your .htaccess, add the following: RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.bearsontrampolines.com/$1 [R,L]
2. To redirect only a Specific Domain
To redirect only a specific domain to use HTTPS, add the following: RewriteEngine On RewriteCond %{HTTP_HOST} ^bearsontrampolines\.com [NC] RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.bearsontrampolines.com/$1 [R,L]
3. To redirect only a Specific Folder
To redirect to HTTPS on a specific folder, add the following: RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteCond %{REQUEST_URI} folder RewriteRule ^(.*)$ https://www.bearsontrampolines.com/folder/$1 [R,L]
The Takeaway
Using .htaccess redirect only seems complicated the first couple of times you try it. After a while, you’ll be able to type the syntax as easily as you breathe, and the process won’t seem quite so foggy. Since you’re still new to using .htaccess redirect, feel free to use this guide to help you along!