How to Force the Use of SSL on Your Domain

If you have already installed an SSL certificate on your hosting account, you may consider forcing the use of the secured version of your website protected by SSL, which uses the secure HTTPS protocol.

Since the end of 2014, Google has announced that web sites displaying their entire web site over HTTPS and using valid SSL certificates will receive a boost in their search engine rankings compared to sites that do not. Moreover, starting July 2018, Google's Chrome browser has started displaying a Not Secure indicator in the address bar for websites not using HTTPS. As such, WHC strongly recommends using HTTPS for all your websites.

To force SSL on all your domain, you will need to create a file called .htaccess inside your public_html folder. If this file already exists, you will need to update it. You may create and update your files using the File Manager in your cPanel or any other file management tool of your choice (such as FTP). Add the following lines to your .htaccess file:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.*)$ [NC]
RewriteRule (.*) https://%1%{REQUEST_URI} [L,R=301]

If you are using "www" in your domain address, please use this code instead:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule .*{REQUEST_URI} [R,L]

You will need to replace "" by your actual domain name.

Please note that certain web applications, such as the Site Builder, Wordpress, Drupal, and Joomla require an update to their settings in order to force SSL across your entire domain. Please refer to each application's documentation for details, or contact our support team for assistance.

Was this answer helpful? Yes No