Securing your website with HTTPS and maintaining a consistent URL structure is essential for protecting user data and improving SEO performance. In this guide, we’ll walk you through the process of achieving this using an .htaccess file for apache as well as Nginx configuration file.
Access Your Website’s Files
Go to your web server control panel or use FTP to get to the root directory of your website files. If there is no .htaccess file there then create a blank one. If there is already an existing .htaccess file in there then open it in editor and do not touch any existing lines of code in there.
Now follow the given steps. If you see any command that is already there then skip that one. Otherwise add it in your .htaccess file. In most cases this commands go at the top of the file.
Enable the Rewrite Engine
Initiate the Apache mod_rewrite
module, allowing for URL rewriting.
RewriteEngine On
Check for HTTPS
Verify if the connection already uses HTTPS. If not, set up a redirect to the secure version.
RewriteCond %{HTTPS} off
Use www Prefix Method
Confirm that the host does not begin with www.
. If it doesn’t, create a redirect to the www version of the site.
RewriteCond %{HTTP_HOST} !^www.
Implement the Redirect
Establish the redirect to the HTTPS version of the site with the www prefix.
RewriteRule ^ https://www.example.com%{REQUEST_URI} [L,R=301]
* Replace example.com
with your website’s domain name.
Without www Prefix Method
This is same like above but here instead of redirecting the website to www. version we are going to use non-www. version of it.
RewriteCond %{HTTP_HOST} ^www\.
Implement the non-WWW Redirect
This one will redirect to the HTTPS version of the site without the www prefix.
RewriteRule ^ http://example.com%{REQUEST_URI} [L,R=301]
Check/Test Your Website
Save and/or upload the .htaccess file to your server. Test your website to ensure the redirects are functioning correctly. Click inner pages and check thoroughly that it all works good.
For NGINX Server
If you are using Nginx Server then use the following steps:
For non-WWW version
Here’s the Nginx configuration code:
server {
listen 80;
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
server {
listen 80;
server_name example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl;
server_name www.example.com;
return 301 https://example.com$request_uri;
ssl_certificate /path/to/your/ssl_certificate.crt;
ssl_certificate_key /path/to/your/private.key;
}
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /path/to/your/ssl_certificate.crt;
ssl_certificate_key /path/to/your/private.key;
}
For https with WWW version on NGINX
For www version of the website you can use the following in Nginx configuration file:
server {
listen 80;
server_name www.example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
server_name www.example.com;
ssl_certificate /path/to/your/ssl_certificate.crt;
ssl_certificate_key /path/to/your/private.key;
}
By following these steps, you’ll enhance the security of your website and establish a consistent URL structure across whole website. You might have to edit the internal links code to point to the right version of your URLs. For example if you have selected https://www version then make sure all links in your code are also pointing to that version of URLs.
Always back up your .htaccess file or configuration file before making changes to avoid potential issues. If you get into some problems, seek assistance from your hosting provider or web developer. If nothing works out then you can contact me from my contacts page and I will try to help you out.