If your website has an SSL certificate you probably want all traffic to use the HTTPS protocol rather than HTTP. To do so, you need to redirect traffic from HTTP to HTTPS.

Linux (.htaccess)

Most of our Linux web servers run Apache and come with cPanel. The easiest way to force HTTPS on cPanel servers is via cPanel’s Domains interface. All you have to do is toggle the Force HTTPS Redirect option to On.

The 'Force HTTPS' option in cPanel's 'Domains' interface.

Image: the Force HTTPS Redirect option in cPanel.

In the background, cPanel will create a redirect rule in the .htaccess file. The rule looks like this:

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-SSL} !on
RewriteCond %{HTTP_HOST} ^example\.net$ [OR]
RewriteCond %{HTTP_HOST} ^www\.example\.net$
RewriteRule ^(.*)$ "https\:\/\/example\.net\/$1" [R=301,L]

This rule redirects both http://example.net/ and http://www.example.net/.

If you also want your domain to either always or never use the the ‘www’ subdomain then you need to manually add a rule to the .htaccess file. You can copy and paste the below code examples.

Redirect to non-WWW and HTTPS

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]

Redirect to WWW and HTTPS

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [L,NE,R=301]

There are more examples of managing redirects in our article about cPanel redirects.

Windows (web.config)

On our Windows servers you can add a rule to the web.config file:

<configuration>
  <system.webServer>
    <rewrite>
      <rules>
        <rule name="HTTP to HTTPS redirect" stopProcessing="true">
          <match url="(.*)" />
          <conditions>
            <add input="{HTTPS}" pattern="off" ignoreCase="true" />
          </conditions>
          <action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>

If the <rules> sections already exists in the web.config file then you can simply add the <rule>; block to the existing section.