How to Activate https via .htaccess Code ?

Forcing HTTPS with .htaccess

In the digital age, security reigns supreme. When it comes to websites, securing user data and ensuring a safe browsing experience is paramount. One crucial step in this process is forcing HTTPS. This means redirecting all website traffic from the insecure HTTP protocol to the secure HTTPS protocol.

Here's how you can achieve this using the powerful tool of .htaccess code:

Step 1: Accessing .htaccess

First, you need to access your website's .htaccess file. This file sits at the root directory of your website and controls various aspects of its behavior. Accessing it might differ depending on your hosting provider. Here are some common ways:

  • cPanel: Login to your cPanel and navigate to the File Manager. Locate the document root directory for your website and look for the .htaccess file.
  • FTP: Use an FTP client like FileZilla to connect to your website's server. Navigate to the document root directory and find the .htaccess file.
  • Direct Access: If your hosting provider allows direct access to files, you might be able to access the .htaccess file directly through your browser.

Step 2: Adding the Code

Once you've accessed the .htaccess file, you need to add the following code snippet:

            RewriteEngine On
            RewriteCond %{HTTPS} !on
            RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] 

This code instructs the server to do the following:

  • Turn on the Rewrite Engine: This activates the mod_rewrite module, which allows us to rewrite URLs on the fly.
  • Check for HTTPS: It checks if the current connection is using HTTPS.
  • Redirect to HTTPS: If the connection is not using HTTPS, it redirects it to the same URL with the https protocol added.
  • Permanent Redirect: The [L,R=301] code ensures that the redirect is permanent and search engines are notified about the change.

Step 3: Save and Upload

After adding the code, save the .htaccess file and upload it back to your website's root directory. Depending on your method of access, this could involve saving the file locally and uploading it again via FTP or cPanel File Manager.

Step 4: Testing and Verification

Once uploaded, try accessing your website using both the HTTP and HTTPS versions. Your website should now automatically redirect you to the HTTPS version. You can also use online tools like SSL Checker to verify if your website is using HTTPS correctly.

Additional Considerations:

  • Mixed Content: Ensure that all your website's resources (images, scripts, etc.) are also loaded using HTTPS. Mixed content warnings can occur if some resources are still served via HTTP.
  • SEO Impact: Switching to HTTPS can positively impact your website's SEO. Search engines favor secure websites, and this can lead to improved rankings.
  • Compatibility: While .htaccess is a powerful tool, it's essential to ensure compatibility with your specific hosting environment and CMS platform. Always consult with your hosting provider or documentation for specific instructions.


Forcing HTTPS via .htaccess code is a simple yet effective way to secure your website and protect your users. With its ease of implementation and powerful capabilities, it makes for an essential step in creating a safe and secure online experience.

Share post
You must be logged in to post a comment
Top Gitysoft Chat