Now that you registered a domain say domianname.com when people have to look for your website, they will be landed on the URL http://domainname.com. But Http:// is not a safe place for adding your important information. Every website, almost every website these days try to keep their website, web application safe.
The most efficient way to keep our website safe avoiding attackers is to add a encrypted certificate SSL. With this your website will turn from http:// to https://. You can either get a free certificate or buy from your service provider. After installing the certificate you need to write some rule to forward your website from HTTP to https, from the .htaccess file.
Redirect HTTP to HTTPS using .htaccess
Most of the websites have a control panel cPanel, where you can manage your files. Inside your domain’s directory there exists .htaccess. Just in case it isn’t visible enable displaying hidden files. Open/edit .htaccess file and at the end of this file add the following line:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteEngine On – Allows enabling the Rewrite capabilities
RewriteCond %{HTTPS} off – Checks the request type. Checks if the request is HTTP type. If the request type is HTTP then the next line is executed.
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] – Now this line of code redirects all the HTTP requests to HTTPS. The request code 301 which is a redirection status code that wil be applied.
That’s it. Now you can see the results happily. Your website will be redirected to https. Now your website say, http://domainname.com gets redirected to https://domainname.com.