How to Force HTTPS using .htaccess Redirection in Three Lines

Don’t waste time or bloat your WordPress website. Just a few lines of code can ensure your website automatically default to HTTPS over HTTP.

The code below can easily be added to your website via FTP or File Manager in your hosting control panel. Look for the file .htacess in your Public HTML root directory yourwebsite.com/.htacesss and add the code to the top of it.

Code Snippet

Apache
# Force HTTPS Redirection RewriteEngine On RewriteCond %{HTTPS} !on RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}/ [L,R=301]

This is a file only readable by your server, so it’s not something you can type in your browser like robots.txt. It can be hidden at times, so be sure to check your File Manager settings if you don’t see it as the first file in your website’s root.

Add these three lines to the top of your .htacess file, and save.  That’s it, you’re done. Anyone who types in yourdomain.com or http://yourdomain.com will not get redirected to https://yourdomain.com

WordPress Rules

For those using WordPress, you can save one line of code since RewriteEngine On is already added to your .htaccess file and you can just place the bolded code below.

Apache
# Force HTTPS Redirection in WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{HTTPS} !on RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}/ [L,R=301] RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteCond %{REQUEST_URI} !(/$|\.) RewriteRule (.*) %{REQUEST_URI}/ [R=301,L] RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule>