Force https

KushCat · January 30, 2025, 2:49am

which is the correct way to force https in .htaccess

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

or

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

they both seem to do the same thing and work

Frank419 · January 30, 2025, 3:40am

Because !=on (not on) is literarily just off

KushCat · January 30, 2025, 4:00am

ok so this is the correct code to force http to https and force www. to non www? it seems to work

RewriteCond %{HTTP_HOST} ^www.(.)$ [NC]
RewriteRule ^(.)$ http://%1/$1 [R=301,L]

RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Frank419 · January 30, 2025, 4:06am

If it seems to work, it works. There’s no need to ask everything on the forum; trying it out is most of the times more efficient.

Admin · January 30, 2025, 12:18pm

Both codes are identical in 99% of the situations.

However, on some platforms, if the website does not use HTTPS, then the HTTPS property is not set to off, but is missing entirely. In those situations, the code at the top wouldn’t work correctly.

But on our hosting, both code should work exactly the same.

system · February 6, 2025, 12:19pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.