How to use .htaccess to force SSL on your website

One of the many things you can do with an .htaccess file is force your site to use an HTTPS (SSL) connection, which encrypts the information that passes between a web browser and the web server. Note that you must have an SSL certificate configured to work with your site before you follow these steps. You can use the free Let’s Encrypt SSL certificate with your HostPapa website.

Creating and editing .htaccess files

Even minor errors, such as typos or missing special characters, in .htaccess files can cause problems with viewing your site, so always make backup copies before you edit them. It’s also a good idea to only make one change before testing your site, so if there is an error, you’ll know it was likely caused by the most recent change. There are two methods you can use to create and edit files: on your local computer or on the web server with cPanel.

On your local computer

Create the file on your local computer using a text editor, such as Notepad on Windows or TextEdit on a Mac. If you’re editing an existing file, you’ll need to download the file using an FTP client and then open it in the text editor. 

Note that by default, some FTP clients don’t show files that begin with a period. 

Check your FTP client documentation for information about how to show hidden files. 

Make your changes and save the file, then use the FTP client to upload the file to the correct directory on the web server. 

On the web server with cPanel

Log in to your HostPapa cPanel and click File Manager

Click Settings in the upper right corner and make sure Show Hidden Files is selected and click Save.

Select the directory where you want to create or edit the .htaccess file. 

To create a new file, click New File and name the file .htaccess

To edit an existing .htaccess file, select the file and click Edit.

Adding the SSL rule to the .htaccess file

Add the following lines of code to an .htaccess file in your website’s root directory to force SSL for your entire website. 

To force SSL for a subdirectory, add the code to an .htaccess file in the subdirectory.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Save and close the file. Open your website in your web browser to test the change.

If you need help with your HostPapa account, please open a support ticket from your dashboard.

Related Articles

This post is also available in: Français
Get online with our affordable web hosting

Get online with our affordable web hosting

Learn more now
HostPapa Mustache