WordPress Code Snippets

A fresh mix of code snippets and tutorials

Redirect HTTP to HTTPS

94

In addition to www canonicalization, you can also canonicalize the HTTP protocol, redirecting HTTP to HTTPS (or vice versa) with .htaccess.

Read first

Before implementing any code, check a few URLs to see if it’s even necessary. For example, try requesting your home page using the https:// prefix and see what happens. If you’re automatically redirected to the http:// version of the page, then you’re good to go. Search engines and visitors will stay on the http version of your site and not get lost anywhere in https land. This helps to eliminate duplicate content and preserve precious link equity to your canonical set of pages.

Most server configurations should redirect by default when HTTPS isn’t configured, but I’ve seen many cases where pages requested via https return the default server page, a 404 error, or duplicate content. So check first and then proceed accordingly. Read more notes »

Note that these techniques are for Apache servers with SSL enabled.

.htaccess redirect HTTP to HTTPS (or vice versa)

Method 1: Check if HTTPS is enabled

The first thing to do is check if HTTPS is enabled on your Apache server. You can do that by adding the following code to your site’s root .htaccess file:

<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{HTTPS} on
	RewriteRule .* /?https-is-on
</IfModule>

This technique checks if HTTPS is enabled on your server. If so, then it will redirect the request to the your homepage with the query string https-is-on appended. You can perform the inverse test by changing on to off.

Method 2: Redirect all requests to either HTTP or HTTPS

This method checks if HTTPS is enabled and then if so, uses server variables to redirect all requests to the HTTPS protocol:

<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{HTTPS} on
	RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI}
</IfModule>

Note: to change this technique instead to redirect from HTTPS to HTTP, change the RewriteCond to off and replace https with http in the RewriteRule.

Method 3: Redirect all requests to either HTTP or HTTPS

This method checks if HTTPS is enabled and then redirects all requests to HTTPS:

<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{HTTPS} on
	RewriteRule .* https://example.com/$1 [R=301,L]
</IfModule>

Note: edit the example.com to match your own domain. To change this technique instead to redirect from HTTPS to HTTP, change the RewriteCond to off and replace https with http in the RewriteRule.

Method 4: Redirect all requests to either HTTP or HTTPS

This method uses the server-port to redirect all requests to the HTTPS protocol:

<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{SERVER_PORT} ^443$
	RewriteRule .* https://example.com/$1 [R=301,L]
</IfModule>

Note: edit the example.com to match your own domain. To change this technique instead to redirect HTTPS to HTTP, change the server port from 443 (https) to the default http server port (typically 80), and replace https with http in the RewriteRule.

TIP: Check on both http and https folders

If none of the code is working when placed in the root .htaccess file contained in the /http/ (or similar) directory, try placing them in the root .htaccess file contained in the /https/ directory (if it exists, again it all depends on server configuration). Never hesitate to ask your web host for help if/when needed.

Notes

This mini-tutorial is for people who know they want to redirect from HTTPS to HTTP (or vice versa). If you’re using HTTPS for anything, you’ll want to modify the .htaccess rules according to your needs. For example, by limiting the redirect to specific pages, etc.

Also note that every server setup is different, and redirecting HTTPS to HTTP (or vice versa) seems to be one of those tasks that seems simple, but actually requires either access to the Apache configuration file, or some trial-&-error using different .htaccess techniques. In other words, as far as I know, there is no one-size .htaccess solution for redirecting HTTP to HTTPS. Even so, there are variety of methods available that seem to work depending on server configuration.

Learn more

.htaccess made easy


Show Support

Like our new Facebook Page to show support!