Web Hosting Blog by Nest WebHost | Domain & Hosting Tips
Popular
Features
Meta
Affiliate Program
2 Posts
View Posts
Blogging Tips
6 Posts
View Posts
Cloud
13 Posts
View Posts
Cloud Hosting
4 Posts
View Posts

Popular Posts

Let`s Get Social

Facebook 0 Likes
Twitter 0 Followers
Instagram 0 Followers
YouTube 0 Subscribers
TikTok 0
C CMS

How to Force HTTPS Using .htaccess in cPanel (Step-by-Step Guide)

Sonam Lama
May 2, 2025
3 min read
0
Share
0
0
0

Why HTTPS Matters

The little padlock in the browser means more than just security—it signals trust, privacy, and professionalism. Using a secure connection ensures your visitors’ data is encrypted and shows search engines that your site is trustworthy. If your site still uses HTTP, you could be hurting both your users and your search visibility.

HTTPS

This quick guide walks you through redirecting all traffic to a secure version of your site using the .htaccess file—no advanced technical knowledge required.

What You’ll Need

Before we jump in, make sure:

enable-https

Ensure your domain has an active SSL certificate (check via cPanel or your hosting provider).

Have access to the .htaccess file (via File Manager or FTP).

Make sure your server runs Apache (common in shared hosting).

 

Step-by-Step: Enable HTTPS via .htaccess

 Step 1: Access Your .htaccess File

Option 1: Using cPanel

  1. Log in to your cPanel account (usually via `yourdomain.com/cpanel`).
  2. Go to File Manager.
  3. Navigate to the `public_html` folder (or your site’s root folder).
  4. Click Settings in the top right corner.
  5. Check Show Hidden Files (dotfiles).
  6. Find `.htaccess`, right-click, and choose Edit.

Option 2: Using FTP

  1. Connect to your site using an FTP client like FileZilla.
  2. Go to the site’s root directory.
  3. Download `.htaccess` to your computer.
  4. Open it in any text editor (VS Code, Notepad++, etc.).

Don’t see a `.htaccess` file?

Create a new file and name it exactly `.htaccess` (with the dot at the start, no extension).

Step 2: Add the Redirect Rule

Paste the following snippet at the top of your `.htaccess` file:

“`apache

<IfModule mod_rewrite.c>

  RewriteEngine On

  RewriteCond %{HTTPS} off

  RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

</IfModule>

“`

What this does:

  • Activates URL rewriting.
  • Detects if the current request isn’t using HTTPS.
  • Redirects visitors to the secure version of the page.

 Step 3: Save & Upload Changes

  • In cPanel, just click Save Changes.
  • In FTP, upload the updated `.htaccess` file back to your server, replacing the old one.

Step 4: Test the Redirection

Visit your site with `http://yourdomain.com`.

You should automatically get redirected to `https://yourdomain.com` and see the padlock icon in the browser.

If it’s working, congrats, you’ve just secured your website!

Troubleshooting Common Issues

Redirection not working?

 Ensure `mod_rewrite` is enabled (contact your hosting provider if unsure).

500 Internal Server Error?

  There may be a typo in your `.htaccess` file. Double-check the syntax.

Still showing HTTP?

  Clear your browser cache or test in Incognito Mode.

 Bonus Tips

  • Forcing HTTPS is great for SEO. Google gives preference to secure sites.
  • Combine this with HSTS (HTTP Strict Transport Security) if you want browsers to remember to always use HTTPS.
  • Always back up your `.htaccess` file before editing.

FAQs:

1. What is HTTPS, and why does it matter?

It encrypts the connection between your server and visitors, protecting data and improving your website’s credibility and SEO.

2. Do I need an SSL certificate?

Yes. Without one, HTTPS redirection won’t work. Check or install SSL through your cPanel or hosting dashboard.

3. How do I confirm SSL is installed?

Visit your site using https://. A padlock icon in the browser bar means SSL is active.

4. Can I redirect without cPanel?

Absolutely. Use FTP to access and modify your .htaccess file, then upload it back to your server.

5. Is it risky to edit .htaccess manually?

It’s safe if you’re cautious. Always back it up first. One wrong character can cause server errors.

6. Why is my site still showing HTTP?

Try refreshing in Incognito or clearing your browser cache. If that fails, check that mod_rewrite is enabled.

7. Is HTTPS beneficial for SEO?

Yes, search engines prioritize secure sites. Users also feel safer, which improves engagement.

8. What’s the role of HSTS?

HSTS ensures browsers always use a secure connection for future visits. Implement it after confirming your site runs smoothly on HTTPS.

Yes. Direct links to https:// prevent mixed content warnings and improve performance.

 Conclusion

Enabling HTTPS via `.htaccess` is a quick win that makes your site more secure, trustworthy, and performant. Whether you’re running a simple blog or an online store, switching to HTTPS is no longer optional – it’s a must.

 

Share this article
0
0
0
Shareable URL
Sonam Lama
Prev Post

How to Enable CORS in cPanel: A Complete Guide for Cross-Domain Access
Next Post

 How to Set Up Webmail with Gmail: Send & Receive Emails from Your Domain
Leave a Reply

Your email address will not be published. Required fields are marked *

Read next