Apache logo and lock | SSL redirection

Using an SSL certificate is now the norm for all types of online sites. Since 2016, Google has been putting more and more effort into making the web a safer place for everyone. Here is the source directly the Google blog « HTTPS encryption on the web ».  

Then, since January 2017, the giant Google has launched an update to its Chrome browser so that an “unsecure” mention is displayed in the address bar. All with the aim of making the user aware of the security of the site on which he is located. Here’s the official announcement Google made: « Moving towards a more secure web ».

Now that we know the why we should have a SSL redirection on our site and how we can proceed.

Redirection in the .htaccess file

You must first make sure that your site already has an SSL security certificate. Otherwise, the SSL redirection will force the browser to warn people about your site being unsafe. If you do not have a certificate installed on your site, you can visit our site in the “Purchase an SSL Certificate” section of our site to obtain one.

First, you need to open the “.htaccess” file for your hosting. Instructions for opening it with a cPanel control panel can be found further down in this article, you can click here to go there directly.

Once the “.htaccess” file is open, you must add the following lines to it at the beginning of the file:

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Here’s what those lines mean.

The first line with “RewriteEngine” simply asks the Apache server to activate the functionality to modify a web address.

The second line, the condition, says to apply the rule only if the site is not secure. So if the site is already functional with “HTTPS”, this line will be ignored.

Finally, the last line has two sections which deserve an explanation. The first part of the line simply asks to change the site address to work with “HTTPS”. The second part indicates that this is a permanent change (R = 301). This part is important in order not to lose any of your SEO.

Additional step for WordPress users

In your WordPress administration, go to the “Settings” tab then “General”. You will need to change both WordPress addresses and change the “http” to “https” there. This will advise WordPress to proceed with the SSL redirection.

WordPress General Setting | SSL redirection

Once the change is made, save.

If you do not do this step, your site may create a “too many redirect” loop and will never be displayed.

How to open the “.htaccess” file in a cPanel

The “.htaccess” file, if created, is usually hidden, so make sure you see any hidden files. Here are the steps to follow.

In your cPanel control panel, you must first select the file manager:

cPanel file manager

Once you’re in the file manager, you’ll need to make sure all the hidden files are being shown. Select the option “Setting” in the upper right corner (1) and make sure that there’s a check in the “Show Hidden Files” (2).

cPanel - afficher fichier cacher

Next step is to locate the « .htaccess » file so we can modify it. In general the file will be in the “public_html” folder. Click on the “public_html” folder in the left section and you should be able to see the file we are looking for in the right section.

cPanel - Directory file manager

For all those that can’t see the file, you’ll need to create it. Select he option “+ File” in the upper right, write down the name of the file “.htaccess” and save.

cPanel - New file

We finally arrive at the file modification. Right click on the file and choose the “Edit” option.

Now you can change it as shown above.

Updated June 30, 2021