Force SSL
If you have an SSL certificate and you want to ensure all your visitors are viewing your page from a secure connection, you can force SSL from within your htaccess file. By doing so, only the https version of the page will be accessible.
SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq “example.com”
ErrorDocument 403 https://example.com
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq “example.com”
ErrorDocument 403 https://example.com
If that does not work for you or you do not have mod_ssl enabled, you can also use this simpler version:
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
