Force SSL using .htaccess and mod_rewrite

By Michael Ryvkin on Saturday, November 21, 2009

Sometimes you need to force your visitors to use secure connection if they forgot to type https:// in the browser. It can be accomplished by adding the following lines to .htaccess file located in the root folder of your web site. It will force secure connection for all pages on your web site.

.htaccess

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

If you want to force secure connection only in certain directory (for example /secure), use this code instead.

.htaccess

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^secure
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Posted in Web Development | Tagged Apache

Permalink | RSS | Trackback | Post a comment

PonticStar.com

Blog

Force SSL using .htaccess and mod_rewrite

Post a Comment

Categories

Archives

Search

RSS Feeds