We've recently performed some software upgrades to both cPanel and the Client Area that has resulted in some of the KB articles appearing outdated and obsolete. We are working to update and/or remove the affected articles but this may take some time. We appreciate your patience!

How to force HTTPS using your .htaccess file

Sometimes it's necessary to make sure your website’s visitors use the SSL encrypted connection.

Forcing visitors to use SSL can be accomplished through your .htaccess file using mod_rewrite.

To force all web traffic to use HTTPS insert the following lines of code in the .htaccess file in your website’s root folder.


If you have existing code in your .htacess, add this above the other rewrite rules but below "RewriteEngine On".

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

To force a specific domain to use HTTPS, use the following lines of code in the .htaccess file in your website's root folder:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$$1 [R,L]

Make sure to replace example\.com with the domain name you're trying force to https. Additionally, you need to replace with your actual domain name.

If you want to force SSL on a specific folder you can insert the code below into a .htaccess file placed in that specific folder:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} folder
RewriteRule ^(.*)$$1 [R,L]

Make sure you change the folder reference to the actual folder name. Then be sure to replace with your actual domain name and folder you want to force the SSL on.

Be sure in cPanel on the File Manager that you enable showing of hidden files.  In the File Manager, click Settings in the top right and check the box "Show Hidden Files (dotfiles)".

  • SSL, htaccess

Also Read

Was this answer helpful?

 Print this Article