How to force browser to access website via https by .htaccess

HTTPS is an extension of HTTP. HTTPS protocol uses the services of SECURE SOCKET LAYER (SSL). This results in the encryption of bidirectional

data transfer which  makes a website more secure and reliable. The communication between server and client is fully encrypted which makes communication eavesdropping and tampering proof

HTTPS uses SSL encryption which encrypts the data and sends data securely to the server. which prevents un-authorized access

of data to others or third-party SSL CERTIFICATE are availabe with premium hosting plan or can be purchased separately.

some hosting sites ex. GoDaddy provides free SSL CERTIFICATE for a few months or year based on your hosting plan.


Forcing HTTPS with .htaccess 

note:- .htaccess is a simple file with no name and .htaccess extension

A .htaccess (Hypertext Access ) is Apache directory configuration file. which contains rules to access the directory of apache server hosted website.

A .htaccess file can be kept inside that directory where one want to change directory access rules. In general most case .htaccess file is located in the root folder of Apache website but. When Apache server receives a request from a client for a file in the specified directory it looks in that directory for the .htaccess file if their any then proceed with rules defined in that .htaccess file if not that it continues. 

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

Rewrite Engine perform URL rewriting thus affects thier appearance .It is a part of the URL mapping process within a web application.

Put the above code in a .htaccess file and put a .htaccess file in website www or public_html folder directory. It will force the server to use HTTPS protocol instead of HTTP.


Other posts