Redirect All Requests From HTTP to HTTPS

Some time back when we decided to switch to https from http, it seemed like the tough question was what type of SSL certificate to go for. Google had recommended https over Http for improved rankings, and we wanted to implement that on our site.

The decision was tough, as we did not know what will happen to the traffic during the transition phase, while Google still indexed the pages over https. But since this had to be done someday, we decided that we should go for it now.

Buy And Installing The Certificate Was Fairly Straight Forward

There were many different types of SSL available in the market, and from many different vendors. Some are quite expensive, and some are in the midrange. We decided to go with an Extended Validation SSL Certificate, which is the Highest Assurance Level SSL available. It activates the green address bar with your company name, as you can see in your address bar above. This type of certificates goes through a proper verification of your business before they issue it to you.

This was important as most of our clients are from overseas, and this would be a good tool to create trust among our existing clients and of course the prospective ones. Though the verification took some time, we got our certificate within a few days. The installation involved a few steps but was quite straight forward.

Redirecting Traffic – Redirect All Requests From HTTP to HTTPS

Soon the website was now accessible over https:// protocol. But we also noticed that the site was also accessible over http://. We are not an authority on URL rewrites and URL redirects, so we turned to Google for answers. But surprisingly did not find many.

We spent quite a few days researching on how this could be done. Since we run a WordPress site, there were a few plugins for HTTPS Redirection. But again we did not want to rely on plugins, for something seemingly so basic. We found bits and pieces of information here and there. Tested this, and tested that, and came out with a code that seems to work pretty well now.

You can write this rewrite rule in your .htaccess file. I am presenting as we are using it. If you are unsure about it, please do not use it. We did spend a lot of time researching, hopefully, it will save you some time. This rewrite rule uses www, so it would redirect all traffic to https://www.

# BEGIN WordPress

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

You can write the above code towards the end of your .htaccess file. The [R=301] means that it is a 301 redirect to the https version of your site.

You Can Alternatively Use A Proxy Service For Redirects

Alternatively, you can also use a proxy service, like Cloudflare, to handle your redirects. Essentially, it handles all traffic for you, before it reaches your hosting server or site. So you can use such services to redirect traffic over https version of your site. They usually have easy rules one can implement.

Hope the article has been helpful to you. If you have any suggestions of comments, please do let me know.

Image Credit:

Leave a Reply

Your email address will not be published. Required fields are marked *