How to Force SSL by Redirecting HTTP to HTTPS

Once you have enabled SSL on your site, ServerPilot makes it easy to redirect all plain HTTP requests to HTTPS.

Under your app's SSL tab, click Redirect HTTP to HTTPS after enabling SSL.

A green box will appear telling you the redirection is active.

Manually Forcing SSL

If you need to manually redirect your entire site, create a .htaccess file in your app's public folder and add the following at the beginning of the file:

RewriteCond %{HTTP:X-Forwarded-Proto} !=https
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]

If you only want to have SSL enabled for a single directory within your app, place the .htaccess file in that directory.

You can change the 302 to a 301 after you have confirmed your redirect is working as expected and you are ready for it to be cached by browsers.

Last updated: July 21, 2017