Site icon SSL.com

Redirect HTTP to HTTPS with Apache

Once you’ve installed your SSL/TLS certificate on Apache, it’s a good idea to redirect all incoming HTTP traffic to the secure HTTPS protocol. This way any existing links to your site beginning with http://, as well as all URLs typed by users into their browser’s address bar, will receive the HTTPS version of your website.

We’ll cover two methods here. The Virtual Hosts method is preferable if you have access to your Apache server’s configuration files.

Virtual Hosts Method

You can easily redirect an HTTP virtual host on port 80 to an HTTPS virtual host on port 443 by editing the website’s virtual hosts configuration as shown below:

<VirtualHost *:80>
   ServerName www.example.com
   Redirect / https://www.example.com/
</VirtualHost>

<VirtualHost _default_:443>
   ServerName www.example.com
   DocumentRoot /usr/local/apache2/htdocs
   SSLEngine On

   # Configuration Continues...
</VirtualHost>

Please refer to your server’s documentation for the location of your virtual hosts configuration files. On Ubuntu/Debian the default location is /etc/apache2/sites-available/. You will also need to restart Apache after changing the virtual hosts configuration.

mod_rewrite/.htaccess Method

This method requires that mod_rewrite is enabled on your server. If you do not have access to your Apache server’s virtual hosts files, use an .htaccess file to rewrite HTTP requests to HTTPS. Add the following lines to a file named .htaccess file in your domain’s root directory (create the file if it doesn’t exist):

RewriteEngine On 
RewriteCond %{HTTPS} !=on 
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
Thank you for choosing SSL.com! If you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.
Exit mobile version