SSL Certificates are considered a necessity with any website which stores or transfers any personal information. Users visiting your website are looking for and expecting to see evidence that their data will be securely transmitted, and it is a webmaster’s responsibility to provide such protection to their users.

SSL Certificates are an excellent tool to maintain the trust of your new and current user base. Without such a prominent and industry standard security measure in place, many users will simply “bounce” off of your website, as for a majority of the users of the internet, it is not worth the unknown risk to them to transmit their personal information to a destination which has not invested in such security measures.

Now that you have gotten your SSL Certificate installed, your site is ready to be viewed via https:// . However, for users typing in your web address in a search engine or their address bar, https:// is not the standard URL prefix which will be applied when connecting to your website. By default, all web browsers automatically make an http:// connection, which is not encrypted. With that, your current dilemma is how to you force your web site users to automatically connect with the secure https:// protocol, rather than the default http:// .

This brief guide will help you easily enforce the usage of your SSL Certificate and help you maintain the trust and confidence of your userbase with your SSL encrypted connection.

This is a simple implementation of how to redirect all HTTP requests to HTTPS. If you are wanting to ensure that all traffic to your site uses HTTPS, this apache .htaccess override will ensure this is done properly. The configuration can be applied in the form of a .htaccess file for Apache Web Server, or directly into Apache’s httpd.conf file under the proper virtual host.

In your .htaccess file, append in the following rules. Be sure to change “your_server.com” with your actual domain name you want to use.

Please note that you should not include the path or directory, as this will be dynamically detected, and appended to the rewrite rule based on the directory / page that the user is viewing as the redirect executes.