Free Consultation

Redirect http to https - 7 ways to do

By: Einovex
Last Updated: April 29, 2023
redirecting http to secured https

Transitioning it from HTTP to HTTPS, ensuring a secure and improved user experience that will keep your visitors coming back for more.

In the digital world, security isn’t just an option—it’s a necessity. 

As we continue to live more of our lives online, ensuring the security of our websites is paramount. It’s about fostering trust, about telling your visitors that their safety is your priority. 

One of the best ways to do this is by redirecting your website traffic from HTTP to HTTPS.

But what if you’re not a tech guru? 

What if words like ‘redirect’, ‘HTTP’, ‘HTTPS’ sound like they’re in a foreign language? 

Worry not!  I have crafted this guide just for you! 

I’ll embark on a simple, step-by-step journey to show you the ropes, making sure you can confidently make the switch from HTTP to HTTPS, all by yourself! 

Whether you’re a blogger, a small business owner, or someone just interested in learning more about the internet, this guide has something for you.

7 easy ways to redirect http to https

  1. Using .htaccess file
  2. Using config file
  3. Using web.config file
  4. Using application code
  5. Using a CDN or reverse proxy
  6. Using HTTP Strict Transport Security (HSTS)
  7. Using meta refresh tag

Before making any changes, make sure to create a complete backup of your website. This will allow you to revert to a previous state if anything goes wrong during the process.

1. Using .htaccess file (apache redirect http to https)

The .htaccess file is a configuration file that controls the directory it is placed in and all the subdirectories underneath it. If you’re using an Apache server, you likely have access to this file.

  1. Use an FTP client (like FileZilla) or your web host’s file manager to access your website’s root directory.
  2. Look for the .htaccess file. If it doesn’t exist, create a new file and name it .htaccess
  3. Open the .htaccess file and add the following code:
				
					RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Save & close the file.

2. Using config file (nginx redirect http to https)

If you’re using an Nginx server, you’ll need to edit the server block for your configuration.

  1. Access your server via SSH.
  2. Open the Nginx configuration file. It’s typically located in /etc/nginx/sites-available/ or /etc/nginx/nginx.conf
  3. Add the following code in the server block listening on port 80:
				
					server {
  listen 80;
  server_name domain.com www.domain.com;
  return 301 https://$host$request_uri;
}

Save & close the file.

Test the configuration to make sure there are no syntax errors by running sudo nginx -t. If the test is successful, reload the Nginx configuration by running sudo service nginx reload

3. Using web.config file (iis redirect http to https)

If you’re using IIS (Internet Information Services), you can use the web.config file for redirection.

  1. Go to your website’s root directory.
  2. Look for the web.config file. If it’s not there, create a new file and name it web.config.
  3. Open the web.config file and insert the following code:
				
					<system.webServer>
  <rewrite>
    <rules>
      <rule name="HTTP to HTTPS redirect" stopProcessing="true"> 
        <match url="(.*)" /> 
        <conditions> 
          <add input="{HTTPS}" pattern="off" ignoreCase="true" />
        </conditions> 
        <action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
      </rule>   
    </rules>
  </rewrite>
</system.webServer>

Save & close the file.

4. Using application code

This method is highly dependent on the programming language and framework you’re using. Here’s a basic example using a Node.js Express application:

  1. Open your application’s main server file (usually app.js or server.js).
  2. Add the following middleware code:
				
					app.use((req, res, next) => {
  if (req.protocol !== 'https') {
    return res.redirect(`https://${req.hostname}${req.url}`);
  }
  next();
});

Save and close the file & restart your server to apply the changes.

5. Using a CDN or reverse proxy

Many Content Delivery Networks (CDNs) and reverse proxy services, such as Cloudflare or AWS CloudFront, provide an option to automatically redirect HTTP traffic to HTTPS.

For instance, with Cloudflare:

  1. Log in to your Cloudflare account.
  2. Select the site you wish to redirect from HTTP to HTTPS.
  3. Click on the “SSL/TLS” tab.
  4. Under SSL/TLS, select “Full” or “Full (strict)”.
  5. Next, click on the “Edge Certificates” tab.
  6. Scroll down to “Always Use HTTPS” and switch it on. This will redirect all HTTP requests to HTTPS.

6. Using HTTP Strict Transport Security (HSTS)

This response header tells the browser to only use HTTPS, effectively redirecting any HTTP request to HTTPS. Be aware that it has implications for subdomains and can only be used when HTTPS is already in use.

For Apache:

  1. Access your .htaccess file as in step 1.
  2. Add the following line:
				
					shell add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'

Save and close the file, then test and reload the configuration as in step 2.

Note: The max-age directive specifies how long HSTS is in effect, in seconds.

The includeSubDomains directive applies HSTS to all subdomains. The preload directive is required to submit your site to the HSTS preload list, which is a list of sites hardcoded into browsers as being HTTPS only.

7. Using meta refresh tag

While this is not the recommended way due to performance and SEO implications, it’s still possible to perform a redirect using HTML

  1. Open the HTML file for the page you want to redirect.
  2. Add the following tag in the <head> section:
				
					<meta http-equiv="refresh" content="0; URL='https://example.com/'" />

Save and close the file.

Table of Contents
More About SEO

©2024. Einovex. All Rights Reserved.

Privacy Policy
Disclosure