Redirecting Website Users to a Secure Connection

By

This article was published in the print magazine Drupal Watchdog, Volume 6 Issue 3, Winter 2016, on page 9, by Linux New Media.

Major web applications are increasingly forcing visitors to connect to their websites using the cryptographic protocols of Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). In fact, Google Search is rewarding such sites in their indexing algorithm. If your site account has a valid TLS/SSL certificate, you too can compel visitors to connect securely. In the HTTP access file (.htaccess) in your site's root directory, find the line of code RewriteEngine on and after it, insert the following two lines:


RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

The first line limits the actions of the second to rewrite the user's URL only if the connection is not already utilizing HTTPS.

Copyright © 2016 Michael J. Ross. All rights reserved.

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <address> <area> <blockquote> <br> <cite> <code> <dd> <div> <dl> <dt> <em> <fieldset> <h1> <h2> <h3> <h4> <h5> <h6> <hr> <img> <input> <li> <map> <ol> <p> <pre> <span> <strong> <sup> <u> <ul>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
3 + 0 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.