Setting up secure web site communication in Apache web server

Securing your website is a common requirement these days. You need to get SSL certificate for your domain to secure the communication between the browser and the Web Server. There are many sources like Let’s Encrypt who provide these SSL certificates for free.

If you are setting up SSL certificate using a control panel like VestaCP. The SSL certificate is automatically issued for your domain. But, the users are not automatically redirected from the HTTP to HTTPS URL.

This rule needs to be configured in Apache web server using the .htaccess file. This file is used to enable or disable any additional functionality/features in the Apache Web server.

Adding the following few lines to .htaccess and placing it at the root directory of your domain does this trick. Users will now be automatically redirected to the secure HTTPS URL even when they type unsecure HTTP URL.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

 

Please let me know your views on this.

Please follow and like us:

Leave a Reply

Your email address will not be published. Required fields are marked *

Social media & sharing icons powered by UltimatelySocial