Apache - Redirect HTTP to HTTPS
The following steps describe the configuration of Apache to have the website loaded completely over HTTPS. Please read our background infomation on Securing your complete website with SSL
Redirect via mod_alias
When you can edit the Apache vhost configuration directly, you can change the virtualhost configuration to contain the following line, to redirect all HTTP traffic to HTTPS.
Redirect permanent "/" "https://www.example.com/"
Configuring HTTPS per website
An other method to redirect all URL's to HTTPS is making use of the mod_rewrite module in Apache. This module can be activated by adding the following line to your httpd.conf, if not there already:
LoadModule rewrite_module modules/mod_rewrite.so
After enabling the mod_rewrite module you should enable the possibility for an .htaccess file to overwrite you server configuration. This can be done by adding the line AllowOverride All
to your virtualhost file. Often this already has been set in shared hosting environments:
<VirtualHost *:80> <Directory /var/www/> AllowOverride All </Directory> </VirtualHost>
Now the .htaccess file in the root directory of your website can be edited to have traffic redirected from HTTP to HTTPS. The content of the .htaccess file should contain the following lines to have Apache do this.
RewriteEngine on RewriteCond %{HTTPS} off # meaning not being connected via https RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301]# redirect to https
SSLCheck
Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues