What is HTTPS, and why should you use it?
HTTPS, displayed as a padlock icon in the web browser bar, indicates the SSL protocol is being used to send data between a web server and a website. Any website, especially those that require login credentials, and sensitive data, should use HTTPS.
How does HTTPS redirection work?
Let’s say you’ve just installed an SSL on your website, whether through our one-click Let’s Encrypt installer or one purchased through your Client Area.
The force HTTPS redirect feature in cPanel allows you to redirect visitors to the secure version of your website automatically.
How to force HTTP to HTTPS redirect in cPanel?
1. Go ahead and log in to cPanel.
2. Once in the cPanel dashboard, scroll down to the “Domain” section and click on the Domains icon.
Then the domains interface will appear, where you will see a list of all the domains on your cPanel account. You’ll see the “Force HTTPS Redirect” column.
3. Let’s locate the domain that you wish to redirect to HTTPS and set the appropriate force HTTPS redirect toggled to on, as in our example:
A success message will appear.
You can toggle several domains to enable or disable forced HTTPS redirects with the option at the top of the table. Please select the checkbox for each domain and select whether you want to toggle them all on or off.
4. Now, let’s go back and access your website. Notice how it redirects us to the secure version, and we see a secure lock symbol in the location bar.
Struggling with security issues? ChemiCloud is the hosting solution designed with reliability and security in mind! 🔐 Check out our web hosting plans!
This means we’re using a secure connection to the site.
How to force HTTP to HTTPS redirect for Addon Domains?
One other aspect you need to know about this feature – Addon and parked domains inherit their settings from their associated domains.
1. Click the gear icon and “Show Associated Subdomains.”
2. The associated subdomain for that addon domain will appear. Set the appropriate force HTTPS redirect toggled to on. A success message will appear.
In our example, we have forced HTTPS for domain.com, which is added as an addon:
3. Now, let’s go back and access your website. Notice how it redirects us to the secure version, and we see a secure lock symbol in the location bar.
That means we’re using a secure connection to the site.
Resolving SSL Mixed Content Warnings
Once doing the redirect from HTTP to HTTPS, if you are facing SSL mixed content warnings, you only need to add the following lines of code to your site’s .htaccess file:
<ifModule mod_headers.c> Header always set Content-Security-Policy "upgrade-insecure-requests;" </IfModule>
Now let’s go back and access your website. Notice how it redirects us to the secure version, and we see a secure lock symbol in the location bar.
As always, we’re here if you have any questions!