Hello,
can anyone advise me how can I force my website to use SSL please?
Thanks.
can anyone advise me how can I force my website to use SSL please?
Thanks.
-
Last edited by victorvictories; 11-04-2023, 11:07. -
Re: Force the site use SSL
Hi,
Well, an easy to way to always redirect the user to secure connection (https://) can be accomplished with a .htaccess file containing the following lines:
Make sure that the .htaccess file is placed in root folder of the domain.RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
Regards,
Euk-Joel -
Re: Force the site use SSL
Hi,Originally posted by Claptone View Post
If your site is hosted on a Windows server, the easiest way to do this is with the URL rewriting in IIS. You can refer to the link http://forums.eukhost.com/f15/redire.../#.Ue4wEqwlGSo for the detailed steps. Last edited by victorvictories; 11-04-2023, 11:08."It Takes 20 Years To Build A Reputation And Five Minutes To Ruin It. If You Think About That, You'll Do Things Differently. "Comment
-
Re: Force the site use SSL
You should not force your complete site to be SSL, if at all possible. Only pages that deal with personal/financial information should be SSL enabled, with very few exceptions.Comment
-
Re: Force the site use SSL
Very true.. only necessary directories should be forced under SSL, as stated in this thread:Originally posted by ejsolutions View Post
You shouldn't really allow crawling of https pages, as generally they're only used for internal pages, such as login and account information. Why would you want a bot to access a secure connection? (Rhetorical.) Additionally, there is a slight performance penalty for secure pages. There will be a performance loss on secure pages, which is why it is best not to use SSL on pages where you do not need it (i.e. you would need it via your company's client area, but not on a page which is purely to display the features of a product you are selling). It's not only the user experience you'd want to think about when it comes to the "performance loss", but also the fact that search engines will take into account the speed and responsiveness of your website (search engine optimisation) and using SSL where unnecessary can potentially affect your site's SEO in this regard.
Hence one should be careful when letting the entire site redirect to SSL pages.Comment
-
Re: Force the site use SSL
Hi,
Many thanks for the advise and resolutions provided over here.
Yes, I have user login page in my website and thought forcing HTTPS to the whole website will also secure the login page.
Taking this SEO in regards, is there a way I can force only my user login page to use HTTPS ?
The user login page is configured on a folder, not in a subdomain. I want to force HTTPS in this specific folder..... any ideas ?
Thanks & great support as always.
Claptone.Comment
-
Re: Force the site use SSL
Hi,
If you want to force HTTPS on a specific folder you can insert the code below into a .htaccess file
Make sure you change the folder reference to the actual folder name and be sure to replace www.yourdomain.com/folder with your actual domain name and folder you want to force the HTTPS on.RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} folder
RewriteRule ^(.*)$ https://www.yourdomain.com/folder/$1 [R,L]Comment
-
Re: Force the site use SSL
Can't this be done normally by simply installing the SSL instead of forcing it on specific pages?Comment
Rock
Comment