Blog - PonticStar.com » Apache http://www.ponticstar.com/blog Blog about various aspects of programming and web design Mon, 28 Jun 2010 19:53:52 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 Force SSL using .htaccess and mod_rewrite http://www.ponticstar.com/blog/2009/11/21/force-ssl-using-htaccess/ http://www.ponticstar.com/blog/2009/11/21/force-ssl-using-htaccess/#comments Sat, 21 Nov 2009 23:42:46 +0000 Michael Ryvkin http://www.ponticstar.com/blog/?p=107 Sometimes you need to force your visitors to use secure connection if they forgot to type https:// in the browser. It can be accomplished by adding the following lines to .htaccess file located in the root folder of your web site. It will force secure connection for all pages on your web site.

.htaccess
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

If you want to force secure connection only in certain directory (for example /secure), use this code instead.

.htaccess
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^secure
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
]]> http://www.ponticstar.com/blog/2009/11/21/force-ssl-using-htaccess/feed/ 0