...Force HTTPS

Any issues with adjusting your .htaccess file fall under our Best Effort support policy. Best Effort does not include content management, coding or designing for your websites. We may also direct you to a better resource for your issue, such as Plugin Developer, Designer, Software Author etc. Best Effort is not covered under the same SLA's as our supported services and does not guarantee any future support for any issue. Please understand that Best Effort issues may take longer to resolve.

If you want to make sure every website visitor is using a secure (SSL) connection, you can use .htaccess rules to redirect insecure traffic. This will redirect http://mysite.com to https://mysite.com. Of course, this will only work if you have an SSL installed for your domain. To that end, all iThemes Hosting accounts do come with a free Let's Encrypt SSL.

This article assumes you are familiar with .htaccess files and editing configuration files. If you are not comfortable making changes to .htaccess files, don't hesitate to contact a developer. Before making any changes to configuration files, we strongly recommend you make a backup of the file.

To redirect every website visitor to a secure connection, add this rule to the .htaccess file for the website you'd like the redirect:

#force SSL on entire site
RewriteEngine On 
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://mysite.com/$1 [R=301,L]

You will need to replace mysite.com with the actual domain of your site.

Have more questions? Submit a request
Powered by Zendesk