---

Many browsers have started showing insecure warnings on websites without SSL certificates. Without SSL, your website will show insecure to the visitors. Therefore, using an SSL-encrypted connection for safety,
accessibility or PCI compliance reasons is necessary. It becomes very important to redirect from HTTP to HTTPS.

What is SSL?

Secure Sockets Layer is a standard security protocol for establishing encrypted links between a web server and a browser in an online communication.
The usage of SSL technology ensures that all data transmitted between the web server and browser remains encrypted.

An SSL certificate is necessary to create SSL connection. You would need to give all details about the identity of your website and your company as and when you choose to activate SSL on your web server.
Following this, two cryptographic keys are created — a Private Key and a Public Key.
 

In order to force your web traffic to use HTTPS, you need to edit the codes in the .htaccess file.

Editing .htaccess File

There are instructions/directives in the .htaccess file that tell the server how to act in certain scenarios and directly affects how your website functions. Common directives in .htaccess file:

 

Redirecting HTTP to HTTPS

1) Redirect All Web Traffic

If you have existing code in your .htaccess, add the following:

2) Redirect Only a Specific Domain

For redirecting a specific domain to use HTTPS, add the following:

3) Redirect Only a Specific Folder

Redirecting to HTTPS on a specific folder, add the following:

Note: Replace “domain” with your actual domain name wherever required. Also, in case of the folder, replace /folder with the actual folder name.