DEP Hosting

A Guide to Redirecting HTTP to HTTPS with .htaccess

In an era where online security is paramount, ensuring that your website is served over a secure connection is crucial. HTTPS (Hypertext Transfer Protocol Secure) encrypts the data exchanged between a user’s browser and your website, protecting sensitive information from potential threats. If your website is currently using HTTP, it’s time to make the switch to HTTPS. In this guide, we’ll walk you through the process of redirecting HTTP to HTTPS using the .htaccess file.

What is .htaccess?

The .htaccess file is a configuration file used on web servers running the Apache software. It allows you to control various aspects of your website’s functionality, including URL redirects, authentication, and custom error pages. By adding a few lines of code to the .htaccess file, you can enforce the use of HTTPS and provide a more secure browsing experience for your visitors.

Step 1: Backup Your .htaccess File

Before making any changes, it’s essential to create a backup of your current .htaccess file. This precaution ensures that you can easily revert to the previous state if any issues arise during the process. Simply download a copy of the existing .htaccess file from your server to your local machine.

Step 2: Open .htaccess File

Using a text editor or an FTP client, access your website’s root directory and locate the .htaccess file. If you can’t find it, create a new file and name it “.htaccess.”

Step 3: Add the Redirect Code

To redirect HTTP traffic to HTTPS, add the following lines of code to your .htaccess file:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Explanation of the code:

  • RewriteEngine On: Enables the Apache mod_rewrite engine.
  • RewriteCond %{HTTPS} off: Checks if the connection is not already HTTPS.
  • RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]: Redirects the URL to the HTTPS version, including the full domain and URI. The [L,R=301] flags indicate a permanent (301) redirect.

Step 4: Save and Upload

Save the changes to your .htaccess file and upload it back to your server. Ensure that the file permissions are set correctly to allow the server to read it.

Step 5: Test the Redirect

Visit your website using the HTTP protocol ( You should be automatically redirected to the secure HTTPS version. Additionally, check a few different pages to confirm that the redirection is working consistently.


Redirecting HTTP to HTTPS is a critical step in enhancing the security of your website. With the simple addition of a few lines of code to your .htaccess file, you can ensure that all traffic is encrypted, protecting both your users and your site’s integrity. Regularly monitor your website to ensure that the redirect remains effective, and enjoy the increased security and trust that comes with serving your content over HTTPS.

Leave a Comment