Redirect http to https


(David Jenner) #1

I realise what I am about to ask has been asked many times on this forum before but I am experiencing similar difficulties in trying to redirect my http site to https.

The site is hosted with 123-Reg.co.uk and the domain is…
http://www.hiabhireuk.com
and here are my FTP details for the upload…

I have clicked on the edit .htaccess File and inserted the following code…


which broke the site

I then tried…


which also didn’t work.

I found this bit of code on the 123-Reg site here…

&Order deny,allow
Deny from all
Allow from env=SSL

but that also seems to break it.

So I have removed the code altogether so the site can at least be seen on http and https.

Can anyone help advise on how I can fix this, I have contacted their support line and they told me I have to figure out how to configure RapidWeaver to do this on my own.


(Jason Bostick) #2

That’s a pretty sad customer service response. Hosts might vary but this is one that worked for me in the past:
RewriteEngine On RewriteCond %{HTTP_HOST} ^example\.com [NC] RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]

Also, I dont know how RW works if there is already an htacces file on your server. Might want to double check that…


(Joe Workman) #3

Try this one…

RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]

Also listen to


(Doug Bennett) #4

Here is a rule that doesn’t even require you to add the URL (should work on anysite):

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Here is an htaccess file tester, so you can test the redirect rules before you add them to your site:
https://htaccess.madewithlove.be

And if you want to check each page of the site for mixed content (active mixed content will break the site), before you switch:
https://www.whynopadlock.com/


(Thorsten Beck) #5

Here is the rule that I am using:

RewriteEngine On

RewriteCond %{HTTP_HOST} ^www\.(.*)
RewriteRule ^.*$ https://%1/$1 [R=301,L]

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

(David Jenner) #6

Thank you all for your responses, I have tried all of these and none of them work so I have emailed 123-Reg.co.uk support to see if they can give me an answer. I shall report back.


(David Jenner) #7

OK 123-Reg have come back with this .htaccess code…
RewriteEngine On
RewriteCond %{ENV:HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

But it still doesn’t appear to have worked so I am now at a complete loss. So frustrating!
The hosting company support response said if this doesn’t work then I need to seek help from a developer as coding support falls outside of their scope!

The non secure website is http://www.hiabhireuk.com/
and the secure is https://www.hiabhireuk.com/

How can I get the non secure to automatically redivert to the secure?


(Dave Farrants) #8

HTTP link redirects to HTTPS for me on Chrome / Firefox / Safari


(David Jenner) #9

Aha! It looks as if my cache might have been the issue, it appears to be all working now. What a relief.

Thanks to everyone who helped me on this issue before I pulled all my hair out. Keep up the great work guys, I love RapidWeaver and this forum!


(Doug Bennett) #10

The code given to you is like the code I gave you in my post with one difference. It has no return code.
That means it’s going to more than likely use the default 302 temporary redirect. I’m on my iPad, so I can’t check it right now.

  • Status 301 means that the resource (page) is moved permanently to a new location. The client/browser should not attempt to request the original location but use the new location from now on.
  • Status 302 means that the resource is temporarily located somewhere else, and the client/browser should continue requesting the original url.

Search engines will penalize you for continuous use of the 302. Some of the bad folks out there try to play a URL “shell game” using 302’s.

Status 301 being a permanent move prevents this shell game. Because they are permanent you need to be careful, there’s kinda “no way back”. They have no expiry associated with them, so they technically can be cached forever.

  1. My suggestion is to use the test tool above first.
  2. Test every page (or a good sample) with each combination (HTTP,HTTPS, WWW, non-WWW, sub domains, etc). It’s good to put together a “script” for this to reuse.
  3. “Go Live” first with a 302 (same script above change the 301 to 302)
  4. Retest everything (step 2)
  5. Change the 302 back to 301
  6. Retest everything again (step 2)

This is a major change to your site, it effects every page and every resource.


(David Jenner) #11

OK new update…

It turns out that it wasn’t my cache at all, the reason why it is now working is because the host support rep noticed the .htaccess file had not some incorrect line endings. He fixed it on the server and that is why it is now functioning properly.


(Doug Bennett) #12

Your website when entered without the https ( http://www.hiabhireuk.com ) is redirecting fine to https but is returning a 302 status - temporarily move. You need to fix that.
http://www.redirect-checker.org/index.php