Redirect all HTTP requests to HTTPS

If you have SSL/TLS set up on your server, you might need to force the site to redirect to the secure HTTPS version. If you need to know how to obtain the certificate, read about that here. Otherwise, create an .htaccess file in the root of your server with the following code.

RewriteEngine on
  RewriteCond %{HTTP:X-Forwarded-Proto} !https
  RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]

If this causes a "too many redirects" error for you, you can replace RewriteCond %{HTTP:X-Forwarded-Proto} !https with RewriteCond %{HTTPS} !=on.

Comments