Force your website to run encrypted (https://)

ParanoiaPhD

Well-Known Member
May 2, 2019
120
13
32
California
www.iceyou.org
Shard Name
Central USA
So I've had many websites... none of them ever had ssl encryption unless you physically typed in https:// before the domain... SO I found this youtube video that taught me the trick...

Basically you create a new file in the same folder as your index pages... So index page for your website or your forums and you add a file named ".htaccess" If its already there just edit it...

inside that file add the following code and then presto https:// always...

C#:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
the video is kinda… hard to understand.
 
  • Like
Reactions: Milva and Regnak

Regnak

Well-Known Member
Apr 1, 2013
305
49
Belgium
Hi there !

Thank you for that useful piece of information. I can only encourage webmasters to follow that tip.

Personally, for hosting my websites, I use ISPConfig, which comes with ready-to-use tools to enable encryption (with LetsEncrypt) and redirection (just tick 'redirect http to https' and the job is done ^^).

For those who don't want to use ISPConfig, I recommend using LetsEncrypt (and/or certbot) to get free SSL Certificates that can be renewed every three months.

Hopefully our two posts here will motivate webmasters to host secure websites, @ParanoiaPhD ;)

Thanks for creating that topic.

-Rek-