Redirect all HTTP requests to HTTPS

If you have SSL/TLS set up on your server, you might need to force the site to redirect to the secure HTTPS version. If you need to know how to obtain the certificate, read about that here. Otherwise, create an .htaccess file in the root of your server with the following code.

RewriteEngine on
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]

If this causes a "too many redirects" error for you, you can replace RewriteCond %{HTTP:X-Forwarded-Proto} !https with RewriteCond %{HTTPS} !=on.

Join the newsletter

I write about JavaScript, programming, and front-end design. Join 6000+ other developers in keeping up with my content. Unsubscribe whenever. Never any spam, ads, or affiliate links.