Last updated December 6th, 2023 06:31
Today, practically every shared web hosting provider offers SSL certificates for free or for a fee, allowing websites to operate under the HTTPS protocol. However, automatic redirection of the website from HTTP to HTTPS does not always work. Therefore, website administrators must perform some form of manual redirection if someone enters the domain using the HTTP protocol. One of the best ways to do this is by using the .htaccess file for Linux websites or the web.config file for Windows websites.
You can insert directives into these files that will automatically redirect visitors to your website to the secure protocol. This is required by virtually all modern search engines such as Google, Bing, and others.
Let’s take a look at how to perform such redirection.
Automatic Redirection of Website from HTTP to HTTPS
Connect to FTP using an FTP client
The first step in modifying .htaccess or web.config files is to connect to your website’s FTP. Only there can you edit the files if they already exist or create and upload them. An example of a popular tool for connecting to FTP is FileZilla, which you can download and use for free. To connect to FTP, you will also need login information such as the server name, login, and password. Your web hosting provider should send you this information.
You can download the FileZilla FTP client for free here: https://filezilla-project.org/
Connecting to FTP using the FileZilla program is relatively simple. In the program’s top panel, simply fill in the information that your web hosting provider sent you after creating it. Except in exceptional cases, it is not necessary to fill in the port unless your web hosting provider instructs you otherwise. After clicking the connection button, you will access the FTP, where you will see the data structure of the website. The .htaccess or web.config file should be uploaded to the root folder with the data, known as the root folder.
Directives for files (redirecting traffic from HTTP to HTTPS)
Directives can be divided into two basic variants. I will call them Variant A and Variant B. Variant A performs redirection to a directly specified domain and is suitable if you have, for example, aliases set up on your website, but the certificate is issued only for the main domain. Such aliases will not work on the HTTPS protocol, so it is necessary to ensure that the alias is redirected to the main domain and the HTTPS protocol. The only disadvantage is that the address of the alias will be rewritten in the address bar to the name of the main domain. Variant B does not include the domain name and only ensures traffic redirection to the HTTPS protocol. You can choose this variant when there is only the main domain without aliases on the website or when you have a valid certificate for each alias.
Directives for the .htaccess file.
variant A
RewriteEngine On
RewriteCond %{HTTPS} off [NC]
RewriteRule (.*) https://www.your-domain.com%{REQUEST_URI} [L,R=301,QSA]
variant B
RewriteEngine On
RewriteCond %{HTTPS} off [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,QSA]
Directives for web.config file
variant A
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
<add input="{HTTP_HOST}" pattern="^www.nazev-domeny.cz$" negate="true" />
</conditions>
<action type="Redirect" redirectType="Permanent" url="https://www.nazev-domeny.cz/{R:1}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
variant B
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
Why is it advisable to use .htaccess file instead of home and site URL with HTTPS in WordPress?
If you use WordPress settings to redirect traffic from HTTP to HTTPS, which means entering the domain with HTTPS in the home and site URL settings, your website will actually load twice. First, the entire content loads as HTTP version, and only after that, WordPress itself redirects the traffic to HTTPS. This logically slows down your website. However, if you use the aforementioned files (depending on the hosting operating system) for redirection, you can avoid this double loading of the website’s content, and the initial loading of the website will be faster.
The website is created with care for the included information. I strive to provide high-quality and useful content that helps or inspires others. If you are satisfied with my work and would like to support me, you can do so through simple options.
Subscribe to the Newsletter
Stay informed! Join our newsletter subscription and be the first to receive the latest information directly to your email inbox. Follow updates, exclusive events, and inspiring content, all delivered straight to your email.
