WordPress / Web Development Tutorials
(Best WordPress Tutorials)

Silva Web Designs - Blog

How to Force HTTP to HTTPS using .htaccess

In this article, we will explain why you should always redirect HTTP traffic to HTTPS. Did you know that after installing an SSL certificate, your website is available over HTTP and HTTPS. It is important to address this issue as it’s better to use only HTTPS because it encrypts and secures your website’s data. In this tutorial, we will explain how you can simply resolve this issue by adding a couple of lines of code in your .htaccess file.

How to Force HTTPS traffic for all visits

The solution to this issue is to add a 301 redirect which can simply be added to your .htaccess file, this 301 redirect permanently redirects the HTTP URL to the secured HTTPS one.

To do this, you simply need to add the following code to your .htaccess file which you will find in the root or www directory depending on your hosting provider:

RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

You may already have the line of code RewriteEngine On within your .htaccess file, if you do, simply paste the two lines between this tag and you will be all set.

Forcing HTTPS on a Specific Domain

As an example, let’s say you have the following two domains; http://mydomain-1.com and http://mydomain-2.com. Both domains access the same website but you are wanting the first site to be redirected to the HTTPS version. For this case scenario, you would update your .htaccess file with the following:

RewriteEngine On 
RewriteCond %{HTTP_HOST} ^mydomain-1.com [NC] 
RewriteCond %{HTTPS} off 
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Make sure to replace mydomain-1 with the actual domain you’re trying to force HTTPS on.

Forcing HTTPS on a Specific Folder

Did you know you could force HTTPS on specific folders only? Well, if that’s the solution you are looking for, you should place a .htaccess file in the directory that will have the HTTPS connection which can be achieved by adding the below code:

RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule ^(folder-1|folder-2|folder-3) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Make sure to change the folder references to the actual directory names.

Once you have made the changes, make sure to clear your browser cache along with any caching modules you have installed on either your website or hosting. If everything is done correctly, the browser will simply redirect you to the HTTPS version, even if you tried to access it from the HTTP URL.


Amazing stuff, you have now updated your .htaccess file without the need for any plugins and just a simple copy and paste solution. All traffic now from the HTTP version will be redirected to the HTTPS version.

If this helped you in your coding life, feel free to drop us a comment below.


Nathan da Silva - Profile

Posted by: Nathan da Silva

Nathan is the Founder of Silva Web Designs. He is passionate about web development, website design and basically anything digital-related. His main expertise is with WordPress and various other CMS frameworks. If you need responsive design, SEO, speed optimisation or anything else in the world of digital, you can contact Silva Web Designs here; [email protected]

It’s good to share

Join the discussion