Home Website Hosting, Website PromotionUsing .htaccess to redirect to https and www

Using .htaccess to redirect to https and www

December 29, 2023

HTTPS and WWW Redirect Instructions

Before reading on, note that the Apache .htaccess file is deceptively powerful. Syntax errors in this file can temporarily make your website inaccessible. That said, as long as you have backed up your previous .htaccess file, you are generally safe to make adjustments, knowing that you can revert to your backed-up file if anything goes wrong. As such, please back up a safe copy of your existing .htaccess file before making any changes. Once you’ve done that, read on for a guide as to how you can force web requests to redirect to the https version of your website, while always displaying the “www” sub-domain as canonical in the website’s URL.

Creating an .htaccess file to redirect your website to HTTPS and append the www sub-domain can be a great way to improve your site’s security and SEO. Search engines can treat non-www and www versions of the same website as separate URLs, which may create duplicate content and indexing issues. By showing both viewers and search engines that only the www version of your URLs should be accessed, this becomes your canonical address and can therefore help your search engine rankings. Also, forcing all requests to use https is both good for SEO, and helps to safeguard your users’ data as they interact with your website.

This tutorial is designed for website publishers of any experience level, so I’ll walk you through each step in detail.

Step-by-Step Tutorial for Creating an .htaccess File

Step 1: Access Your Website’s Root Directory

  1. Log into your web hosting account. This is usually done through a control panel like cPanel, Plesk, or a similar web hosting dashboard, but may also be done through FTP if you’re comfortable using that method.
  2. Navigate to the File Manager. This is where all your website files are stored.
  3. Locate your website’s root directory. Typically, this is named public_html or www.

Step 2: Check for an Existing .htaccess File

  1. Search for an existing .htaccess file in your root directory. It’s a hidden file, so you might need to enable ‘Show Hidden Files’ in your file manager settings.
  2. If the file exists, download a backup before making changes. This is vital! Do not make any changes until you have a safe backup ready to restore if anything goes wrong.
  3. If the file doesn’t exist, you’ll create a new one.

Step 3: Create or Edit the .htaccess File

  1. Right-click in the file manager and select ‘Create New File’ if you don’t have an existing .htaccess file. Name it .htaccess.
  2. Edit the file by right-clicking on it and selecting ‘Edit’ or ‘Code Edit’.

Step 4: Write the Redirect Code

  • Copy and paste the following code into your .htaccess file:
    # Force HTTPS + WWW (canonical)
<IfModule mod_rewrite.c>
RewriteEngine On

RewriteCond %{HTTPS} !=on [OR]
RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteRule ^ https://www.example.com%{REQUEST_URI} [L,R=301]
</IfModule>
    • Change example.com to match your actual domain name. Failing to do this will redirect visitors to a different website, which you don’t want to happen.
    • To explain what is happening:
      • RewriteEngine On activates the rewrite module.
      • RewriteCond lines set the conditions for the redirect. We redirect when the request is not HTTPS or the hostname is not exactly the canonical hostname.
      • RewriteRule defines the action taken when conditions are met: redirect to https://www. version of your site.
    • Ensure no syntax errors. Mistakes in the .htaccess file can make your website inaccessible. Again, don’t panic about this – but make sure that you can restore a backup of the original file before making changes.

    Step 5: Save and Upload the File

    1. Save the changes to the .htaccess file.
    2. If you created a new file locally, upload it to your website’s root directory using the file manager or an FTP client.

    Step 6: Test Your Website

    1. Open your website in a web browser.
    2. Test different URLs (both with and without ‘www’, and with ‘http’ instead of ‘https’).
    3. Ensure they all redirect to the https://www.example.com version of your site.

    Troubleshooting

    • Common mistake: Avoid building redirect targets dynamically using the incoming hostname. This can lead to redirect loops or invalid URLs. Always redirect to a single, known canonical address.
    • If your website is inaccessible, restore the backup of your .htaccess file.
    • Check for typos in the code.
    • If you use a CDN or reverse proxy that terminates SSL, Apache may see HTTP even when visitors see HTTPS; follow your host/CDN’s recommended HTTPS detection in that setup.
    • Consult your hosting provider’s support if you’re unsure about any steps.

    Conclusion

    You’ve successfully set up an .htaccess file to redirect your website to HTTPS and ensure that the www sub-domain is used. This not only enhances your site’s security but also helps with search engine optimization.

    Remember, it’s always good to have a backup of your website files before making any changes. If you encounter issues, don’t hesitate to reach out to your web hosting provider’s support team for assistance. Good luck!

    Visited 385 times, 1 visit(s) today
    Was this article helpful?
    YesNo

    Last modified: December 17, 2025

    Related Articles

    How to Do Keyword Research for Free in 2025
    Unlocking Success: What Makes a Great Blog Post?
    How to Perform an SEO Audit: Tools, Tips, and Best Practices
    Using .htaccess to redirect to HTTPS and non-WWW
    Mastering Google’s SERPs: Key Ranking Factors and How to Optimize Them
    The Art of Building Inbound Links: A Practical Guide for Web Publishers

    Leave a Reply

    Close Search Window