How to force/redirect HTTP to HTTPS using .htaccess file in cPanel

Once a SSL certificate is installed and a site can be reached via https:// appropriately, visitors should be able to access the whole site or key pages via https:// automatically. In other words, by typing in a web-browser, a user should be redirected to to access the site securely.

To accomplish this, a special set of directives called rewrite rules needs to be added to the web-site’s .htaccess file, which can be found in the root folder of a specific site in cPanel (e.g. “public_html”). If the file is not shown, please make sure to click on 'Settings' and tick the option 'Show hidden files'. Also, this file can be created if it cannot be located in any way.

Status code 301 (permanent redirect) implies that the requested resource has moved to a new location permanently, thus search engines should not take into account the references to a previous location and index a new one. Web-browsers, in turn, will store a new URL in cache, therefore, giving it priority over the initial URL.

Status code 302 (temporary redirect) means that the redirect has been set for a limited period of time. Search engines in this case should honor both locations as equal and the initial one would remain valid. Accordingly, browsers will not cache the new URL and the redirection will be executed every time the initial URL is requested.

You can force an HTTPS connection on your website by adding these rules in your website's .htaccess file:

The .htaccess file needs to be located inside the site's document root folder. If your website is in a sub folder, then the .htaccess should be placed in the corresponding sub folder.

You can create or edit the .htaccess file either via FTP, or using with the File Manager available in cPanel.

  • 4 Users Found This Useful
Was this answer helpful?

Related Articles

How SSL works

When an Internet user visits a secure web site, an SSL certificate provides identification...


SSL (Secure Sockets Layer) is a standard technology behind establishing an encrypted connection...