Have you decided to secure your website with HTTPS and bought SSL certificate but don’t know how to redirect your URL to https://example.com or https://www.example.com ? Then you are at the right place.

Already all the browsers have started showing “Not Secure” warnings on sites without SSL certificate. Almost every visitor knows that it is not safe to input sensitive data into website one without “Trust Lock” in address bar.

Below we will cover on the following topics:

  1. What is SSL?
  2. Benefits of using SSL
  3. Prerequisites
  4. Redirect URL to HTTPS and WWW using .htaccess
  5. Redirect URL to HTTPS and Non-WWW using .htaccess

What is SSL?

SSL or Secure Socket Layer is a protocol for establishing authenticated and encrypted links between web server and browser. It protects sensitive data like credit card details, login details, and other user information.

Click here to Know more about “What is SSL?”.

Benefits of using SSL

  1. Green address bar with trust indicator which grabs user attention.
  2. Safeguard user sensitive information.
  3. Secure online transactions
  4. Protect your site from hackers and phishing
  5. Boost sites SEO as search engines love secured sites.

Prerequisites:

  1. let us assume that you have “mod_rewrite” PHP extension already installed and enabled.
  2. SSL certificate already installed from trusted certificate authority(CA) like Symantec, Comodo etc.

Redirect URL to HTTPS and WWW using .htaccess

To redirect a URL to either https://example.com or https://www.example.com. Use the below rules

RewriteEngine on

# Redirect to https & www
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTP_HOST} ^(.*)$  [NC]
RewriteRule (.*) https://www.%1/$1 [R=301,L]

Above rules check if the requested URL has absence of HTTPS and WWW in it. If either of the condition matches in the requested URL then it redirects URL to https://www.example.com.

Redirect URL to HTTPS and Non-WWW using .htaccess

To redirect a URL to HTTPS only without WWW like https://example.com. Then use below rules

RewriteEngine on

# Redirect to https & non-www
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule (.*) https://example.com/$1 [L,R=301]

Above rules check if the requested URL has absence of HTTPS and Presence of WWW in it. If either of the condition matches in the requested URL then it redirects URL to https://example.com.

Kudos! Now your website is secure.

Secure Website with Trust Lock in Browser