0

I have a website and when I type the url with 'https://' the browser shows the site normally, however if I do not include 'https://' in the url, the browser brings me to a page that says my connection is not secure. I keep adding things to my htaccess but nothing seems to be working.

I think this issue is related to something missing from my htaccess file, but I do not know what to add. Can someone please either tell me what to add and/or point me to a good resource? Thanks.

brothman01
  • 1
  • 4

2 Answers2

0

Add this to your .htaccess (I'm assuming you use Apache)

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

Also do an apache2ctl -k graceful after you changed the .htaccess

Ace
  • 419
  • 6
  • this appears to have fixed it on desktop but mobile still shows the same error. That is to say, when I type the URL with no 'https://' in the beggining, on a desktop browser the site is shown normall but on an iPhone the browser shows a "connection inseccure" page. It is a bit different now though: the url becomes the IP of the server. – brothman01 Jul 16 '22 at 20:44
0

I would not use a htaccess file to do this - I would create a virtualhost with a permanent redirect to achieve this:

<VirtualHost *:80>
        ServerName www.yourdomain.com
        ServerAdmin bla@nix.org
        Redirect /  https://www.yourdomain.com

        ErrorLog ${APACHE_LOG_DIR}/http_error.log
        CustomLog ${APACHE_LOG_DIR}/http_access.log combined
</VirtualHost>
Martin
  • 1,869
  • 6
  • 16
  • I have not created a virtualhost before. What file do I add this code to and are there any other steps? – brothman01 Jul 16 '22 at 20:51
  • this heavily depends on the OS / distribution you are using. In Ubuntu for example, you create a file ```http-redirect.conf``` inside the directory ```/etc/apache2/sites-available```, and afterwards, you execute ```a2ensite http-redirect``` to enable the virtualhost definition (this creates a link to the config inside the directory ```/etc/apache2/sites-enabled``` ). And of course, don't forget to reload / restart your apache2... – Martin Jul 16 '22 at 20:55
  • I shouldn't use the file already in that directory, 000-default.conf or default-ssl.conf? – brothman01 Jul 16 '22 at 21:04