{"id":11435,"date":"2025-05-02T11:39:02","date_gmt":"2025-05-02T05:54:02","guid":{"rendered":"https:\/\/nestnepal.com\/blog\/?p=11435"},"modified":"2026-05-20T20:00:06","modified_gmt":"2026-05-20T14:15:06","slug":"https-using-htaccess-cpanel-step-by-step-guide","status":"publish","type":"post","link":"https:\/\/nestnepal.com\/blog\/index.php\/https-using-htaccess-cpanel-step-by-step-guide\/","title":{"rendered":"How to Force HTTPS Using .htaccess in cPanel (Step-by-Step Guide)"},"content":{"rendered":"

Why HTTPS Matters<\/span><\/h2>\n

The little padlock in the browser means more than just security\u2014it signals trust, privacy, and professionalism. Using a secure connection ensures your visitors\u2019 data is encrypted and shows search engines that your site is trustworthy. If your site still uses HTTP, you could be hurting both your users and your search visibility.<\/p>\n

\"HTTPS\"<\/p>\n

This quick guide walks you through redirecting all traffic to a secure version of your site using the .htaccess<\/code> file\u2014no advanced technical knowledge required.<\/p>\n

What You\u2019ll Need<\/span><\/h2>\n

Before we jump in, make sure:<\/span><\/p>\n

\"enable-https\"<\/p>\n

\u2705<\/span>Ensure your domain has an active SSL certificate<\/a> (check via cPanel or your hosting provider).<\/p>\n

\u2705<\/span>Have access to the .htaccess file (via File Manager or FTP).<\/p>\n

\u2705<\/span>Make sure your server runs Apache<\/a> (common in shared hosting).<\/p>\n

\u00a0<\/span><\/h2>\n

Step-by-Step: Enable HTTPS via .htaccess<\/span><\/h2>\n

\u00a0Step 1: Access Your .htaccess File<\/strong><\/span><\/h3>\n

Option 1: Using cPanel<\/em><\/span><\/h4>\n
    \n
  1. Log in to your <\/span>cPanel account<\/b> (usually via `yourdomain.com\/cpanel`).<\/span><\/li>\n
  2. Go to <\/span>File Manager<\/b>.<\/span><\/li>\n
  3. Navigate to the `public_html` folder (or your site’s root folder).<\/span><\/li>\n
  4. Click <\/span>Settings<\/b> in the top right corner.<\/span><\/li>\n
  5. Check <\/span>Show Hidden Files (dotfiles)<\/b>.<\/span><\/li>\n
  6. Find `.htaccess`, right-click, and choose <\/span>Edit<\/b>.<\/span><\/li>\n<\/ol>\n

    Option 2: Using FTP<\/em><\/span><\/h4>\n
      \n
    1. Connect to your site using an FTP client like <\/span>FileZilla<\/b>.<\/span><\/li>\n
    2. Go to the site\u2019s root directory.<\/span><\/li>\n
    3. Download `.htaccess` to your computer.<\/span><\/li>\n
    4. Open it in any text editor (VS Code, Notepad++, etc.).<\/span><\/li>\n<\/ol>\n

      Don\u2019t see a `.htaccess` file?<\/b><\/h4>\n

      Create a new file and name it exactly `.htaccess` (with the dot at the start, no extension).<\/span><\/p>\n

      Step 2: Add the Redirect Rule<\/strong><\/span><\/h3>\n

      Paste the following snippet at the <\/span>top<\/b> of your `.htaccess` file:<\/span><\/p>\n

      “`apache<\/span><\/em><\/p>\n

      <IfModule mod_rewrite.c><\/span><\/em><\/p>\n

      \u00a0\u00a0RewriteEngine On<\/span><\/em><\/p>\n

      \u00a0\u00a0RewriteCond %{HTTPS} off<\/span><\/em><\/p>\n

      \u00a0\u00a0RewriteRule ^(.*)$ https:\/\/%{HTTP_HOST}%{REQUEST_URI} [L,R=301]<\/span><\/em><\/p>\n

      <\/IfModule><\/span><\/em><\/p>\n

      “`<\/span><\/em><\/p>\n

      What this does:<\/b><\/p>\n

        \n
      • Activates URL rewriting.<\/li>\n
      • Detects if the current request isn\u2019t using HTTPS.<\/li>\n
      • Redirects visitors to the secure version of the page.<\/li>\n<\/ul>\n

        \u00a0Step 3: Save & Upload Changes<\/strong><\/span><\/h3>\n
          \n
        • In <\/span>cPanel<\/b>, just click <\/span>Save Changes<\/b>.<\/span><\/li>\n
        • In <\/span>FTP<\/b>, upload the updated `.htaccess` file back to your server, replacing the old one.<\/span><\/li>\n<\/ul>\n

          Step 4: Test the Redirection<\/strong><\/h3>\n

          Visit your site with `http:\/\/yourdomain.com`.<\/span><\/p>\n

          You should <\/span>automatically get redirected<\/b> to `https:\/\/yourdomain.com` and see the <\/span>padlock icon<\/b> in the browser.<\/span><\/p>\n

          If it\u2019s working, congrats, you\u2019ve just secured your website!<\/span><\/p>\n

          Troubleshooting Common Issues<\/span><\/h2>\n

          Redirection not working?<\/b><\/h3>\n

          \u00a0Ensure `mod_rewrite` is enabled (contact your hosting provider if unsure).<\/span><\/p>\n

          500 Internal Server Error?<\/b><\/h3>\n

          \u00a0 There may be a typo in your `.htaccess` file. Double-check the syntax.<\/span><\/p>\n

          Still showing HTTP?<\/b><\/h3>\n

          \u00a0 Clear your browser cache or test in Incognito Mode.<\/span><\/p>\n

          \u00a0Bonus Tips<\/span><\/h2>\n
            \n
          • Forcing HTTPS is great for SEO. Google gives preference to secure sites.<\/span><\/li>\n
          • Combine this with HSTS (HTTP Strict Transport Security) if you want browsers to remember to always use HTTPS.<\/span><\/li>\n
          • Always back up your `.htaccess` file before editing.<\/span><\/li>\n<\/ul>\n

            FAQs:<\/span><\/h2>\n

            1. What is HTTPS, and why does it matter?<\/h3>\n

            It encrypts the connection between your server and visitors, protecting data and improving your website\u2019s credibility and SEO.<\/p>\n

            2. Do I need an SSL certificate?<\/h3>\n

            Yes. Without one, HTTPS redirection won\u2019t work. Check or install SSL through your cPanel or hosting dashboard.<\/p>\n

            3. How do I confirm SSL is installed?<\/h3>\n

            Visit your site using https:\/\/. A padlock icon in the browser bar means SSL is active.<\/p>\n

            4. Can I redirect without cPanel?<\/h3>\n

            Absolutely. Use FTP to access and modify your .htaccess file, then upload it back to your server.<\/p>\n

            5. Is it risky to edit .htaccess manually?<\/h3>\n

            It\u2019s safe if you’re cautious. Always back it up first. One wrong character can cause server errors.<\/p>\n

            6. Why is my site still showing HTTP?<\/h3>\n

            Try refreshing in Incognito or clearing your browser cache. If that fails, check that mod_rewrite is enabled.<\/p>\n

            7. Is HTTPS beneficial for SEO?<\/h3>\n

            Yes, search engines prioritize secure sites. Users also feel safer, which improves engagement.<\/p>\n

            8. What\u2019s the role of HSTS?<\/h3>\n

            HSTS ensures browsers always use a secure connection for future visits. Implement it after confirming your site runs smoothly on HTTPS.<\/p>\n

            9. Should I update my internal links?<\/h3>\n

            Yes. Direct links to https:\/\/ prevent mixed content warnings and improve performance.<\/p>\n

            \u00a0Conclusion<\/span><\/h2>\n

            Enabling HTTPS via `.htaccess` is a quick win that makes your site more secure, trustworthy, and performant. Whether you’re running a simple blog or an online store, switching to HTTPS is no longer optional – it’s <\/span>a must<\/b>.<\/span><\/p>\n