How to Force HTTPS on Your Website Using .htaccess?
After installing an SSL certificate, you should force all visitors to use the secure HTTPS version of your website. This improves security, boosts SEO rankings, and prevents browser "Not Secure" warnings.
Method 1: Force HTTPS via cPanel
- Login to cPanel.
- Under Domains, click on your domain.
- Enable Force HTTPS Redirect toggle if available in your cPanel version.
Method 2: Force HTTPS via .htaccess
- Go to cPanel → File Manager → public_html.
- Open
.htaccess. - Add the following code at the top of the file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Force HTTPS and Remove www
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,R=301]
Force HTTPS and Add www
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
Important: Make sure your SSL certificate is properly installed before adding HTTPS redirects. If you force HTTPS without a valid SSL certificate, visitors will see a security error and cannot access your site.
If you continue to face issues, please open a create a request.
