Redirect HTTP to HTTPS using .htaccess

  • Post last modified:January 28, 2021
  • Reading time:4 mins read
  • Post category:SSL

In this tutorial, I will demonstrate how you can redirect your website from HTTP to HTTPS using .htaccess.

One of the options to force your visitors to use the SSL Certificate installed on your website (HTTPS) is to edit the .htaccess file.


Make sure you have the following prerequisites before starting to make changes to redirect the visitors of your website from http to https:

  • Your web server must be compatible with Apache (Litespeed Enterprise also works).
  • Your website is already configured to use HTTPS and has an SSL Certificate already installed.

You should know how to:

  • Locate the public directory (also known as the root folder) of your website.
  • Create or edit a .htaccess edit using your preferred method.

Methods to edit the .htaccess file:

  • Edit the file on your computer and upload it to the server (using FTP, SFTP, or the File Manager of your web control panel).
  • You can also use your FTP client to edit the file directly.
  • Connect via SSH and use a text editor such as vi or nano to edit .htaccess.
  • Use the File Manager in your web control panel to edit the .htaccess file.

Edit the .htaccess file

To redirect the visitors of your website from HTTP to HTTPS, begin by adding the following code to your .htaccess file – located at the public directory of your website:

# Turn RewriteEngine ON
RewriteEngine On

# Redirect http to https
RewriteCond %{HTTPS} !^on$
RewriteRule (.*)$1 [R,L]

Replace by your domain name. If you are using www or any other subdomain, you need to include it as well.

For example, if your website uses www (, the following line should be added like this:

RewriteRule (.*)$1 [R,L]

Please note, only a single RewriteEngine On is necessary. In case you already have that line on your .htaccess file, you may not need to add another.


If you can’t locate the .htaccess file of your website for some reason:

  • you could be looking at the wrong location.
  • the .htaccess file is probably hidden.
  • you may need to create it.


Your visitors are going to be redirected from HTTP to HTTPS from now on.

Did this article help you? Share it and help someone else to use HTTPS on their website.