Knowledgebase:Technical Information
How to force https/SSL on a domain
Posted by Administrator on 14 September 2018 05:43 pm
  • Setting a rewrite rule in .htaccess: use cases

    NOTE: The directives specified below work under their own syntax. Changing any symbol or character can lead to improper function or failure of the rewrite rule. To keep things clear, we have highlighted those parts, which can be modified, with red color (mostly where a certain domain name should be placed).

    Let’s take an overview of the most common situations in which a redirection from HTTP to HTTPS can be configured.

    Enabling redirect for all sites in a cPanel account

    To redirect all sites within a cPanel account, one of the following blocks should be added to .htaccess:

    a. RewriteEngine On 
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

    This block enables rewriting capabilities, verifies that the initial request does not already have https://, and rewrites the entire requested URL, replacing http:// with https:// (e.g., http://domain.com/subfolder/index.php will be replaced with https://domain.com/subfolder/index.php).

    b. RewriteEngine On 
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

    This block works the same as the previous one, just with the help of a different syntax. It is possible to use either of the above mentioned rewrite rules in order to redirect all sites within a cPanel account.

    Forcing HTTPS for a specific site

    To enable a redirect for a single site, one can specify any of the blocks listed below in .htaccess:

    a. RewriteEngine On 
    RewriteCond %{SERVER_PORT} 80
    RewriteCond %{HTTP_HOST} ^ncssltest\.info$ [OR]
    RewriteCond %{HTTP_HOST} ^www\.ncssltest\.info$
    RewriteRule ^(.*)$ https://www.ncssltest.info/$1 [R,L]

    b. RewriteEngine On 
    RewriteCond %{SERVER_PORT} 80 
    RewriteCond %{HTTP_HOST} ^ncssltest\.info$|^www\.ncssltest\.info$
    RewriteRule ^(.*)$ https://www.ncssltest.info/$1 [R,L]

    c. RewriteEngine On 
    RewriteCond %{SERVER_PORT} 80
    RewriteCond %{HTTP_HOST} ^(www\.)?ncssltest\.info
    RewriteRule ^(.*)$ https://www.ncssltest.info/$1 [R,L]

    Generally, all of the rule sets above do the same job: checking the port (80 for http, 443 for https), verifying whether a domain name in the initial request is with or without “www.” alias, and rewriting the URL with https://. You may choose which one to implement based on your individual preference.

    Disabling rewrite rule application for a specific site

    If you need to setup a redirect for all sites within Cpanel account except of one or a few, the block of code specified below can be added to .htaccess:

    RewriteEngine On 
    RewriteCond %{HTTP_HOST} ^(www\.)?ncssltest\.info
    RewriteRule .* - [L]
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

    The first condition in the block matches the requested URL against the domain name, included to conditional value (the one that should NOT be redirected), and stops rewriting if they match. It is possible to add domain names to the conditional directive, separating them with the ”|” symbol, or to specify several conditional directives, (see examples in previous section).

    Enabling HTTPS for a specific subfolder

    Sometimes you may need to redirect a certain part of a website located in a specific subfolder, while leaving the rest of the site as-is. To do this, insert the following block to .htaccess:

    RewriteEngine On 
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/?subfolder/(.*) https://%www.ncssltest.info/subfolder/$1 [R,L]

    This rule is applied if only a specified subfolder is mentioned in the initial request.

    Forcing HTTPS for a specific page

    The rewrite rule for redirecting a specific page is similar to the previous one:

    RewriteEngine On 
    RewriteCond %{HTTPS} !=on
    RewriteRule ^example\.html$ https://www.ncssltest.com/example.html [R,L]

    Only the requested page will be redirected; other site content will remain unaffected.

    If the page that needs to be redirected is located in a specific subfolder, the RewriteRule line should be modified as follows:

    RewriteRule ^test/example\.html$ https://www.ncssltest.com/test/example.html [R,L]

    (in the above example, “test” is the subfolder in question)

    Setting up redirect for a specific file name, regardless of location

    If you have a number of pages with the same name, located in different subfolders (the example “index.html” is used below), you may enable HTTPS redirect for all of them at once. Do this by applying the ruleset as shown below:

    RewriteEngine On 
    RewriteCond %{HTTPS} !=on
    RewriteCond %{REQUEST_FILENAME} index.html
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

    Only the pages with the file names that match the {REQUEST_FILENAME} parameter value will be redirected to HTTPS.

    How to specify a redirect status code in rewrite rule

    Each rewrite rule ends with so-called “rewrite flag”s (specified in square brackets, e.g. [R,L]). These flags help to control the rewriting process to be performed correctly. To set a redirect with a 301 status code (permanent), you will need to assign this code to the R-flag in brackets by adding “=301”.

    force_https3

    NOTE: If there is no value specified for the R-flag, a redirection will be executed with a 302 status code by default.

    Once complete, a redirect functioning and its status code can be checked with the help of this tool.