Support

Find answers, guides, and tutorials to supercharge your content delivery.

How to Redirect HTTP to HTTPS

Updated on February 17, 2023
How to Redirect HTTP to HTTPS

The adoption of HTTPS has been growing rapidly, especially with the recent release of free SSL certificates via Let's Encrypt. In fact, as of November 1, 2022, Let's Encrypt has issued more than 309 million certificates in total with approximately 239 million of them currently active.

The percentage of web page loads using HTTPS to deliver content has been steadily increasing over the years, as more websites adopt this more secure protocol. According to the Google Transparency Report, as of February 2023, the global average percentage of pages loaded over HTTPS on Google Chrome was 98.6%. This is a significant increase from just a few years ago when HTTPS usage was around 50%. The adoption of HTTPS for delivering web content is widespread and has been increasing over the years.

This is largely due to the push for increased security on the web and the availability of free and low-cost SSL/TLS certificates, which make it easier for website owners to implement HTTPS.

Overall, it is clear that HTTPS is becoming the standard for delivering web content, and it is expected that this trend will continue as more website owners recognize the importance of secure communication on the web.

However, what exactly are the benefits of using HTTPS over HTTP?

Benefits of redirecting HTTP to HTTPS

Apart from the security benefits that SSL certificates provide, there are also multiple additional benefits to delivering content over HTTPS as opposed to HTTP, these include:

  • Performance Benefits - Since browsers currently only support HTTP/2 over HTTPS, you can take advantage of the performance benefits that exists from using the new HTTP/2 protocol. Features of HTTP/2 include: it is fully multiplexed, uses header compression, one connection for parallelism, etc.
  • SEO Rankings - Google announced back in 2014 that they would be using HTTPS as a ranking signal. This means that if your site is delivering content over HTTPS you will receive a slight boost in the Google SERPs.
  • Building Trust - Apart from performance, security, and SEO rankings, using HTTPS simply helps build the trust of visitors. It is important to establish a certain level of trust with your website visitors to let them know that their data is safe when browsing / using your website or web-based service.

How to redirect HTTP to HTTPS

The following sections explain how to redirect HTTP to HTTPS using various web servers. Depending upon the web server you're using, simply implement the specific HTTP to HTTPS redirection rules that apply to your setup. It is assumed that you have already installed an SSL certificate on your origin server and that your assets are accessible over HTTPS when visiting them directly. In case, you don't already have an SSL certificate, learn how to order an SSL certificate.

Nginx

If you're using Nginx, add the following snippet to your configuration file. Remember to replace domain.com with your actual domain name.

server {
    listen 80;
    server_name domain.com www.domain.com;
    return 301 https://domain.com$request_uri;
}

Save these changes, and reload Nginx with the following command: service nginx reload. Now, test your site to ensure that the redirect is working properly. Try visiting the HTTP version such as http://domain.com and verify that it properly redirects you to the https:// protocol.

Apache

Alternatively, if you are using an Apache web server, you can redirect HTTP to HTTPS via the .htaccess file. This method can also be used on other web servers if you are using an .htaccess file (e.g. WordPress CMS).

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Add the snippet above to the top of your .htaccess file and save your changes. Then, to ensure the .htaccess rules are properly configured, test the http:// version of your domain to ensure that it is properly 301 redirected to its https:// version.

IIS

Lastly, for IIS users the HTTP to HTTPS redirection process is slightly different. You'll need to install the URL Rewrite Module for IIS. Once done, you can add the following snippet to you web.config file in the root directory.

<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <rule name="https redirect">
                    <match url="(.*)" ignoreCase="false" />
                    <conditions>
                        <add input="{HTTPS}" pattern="off" ignoreCase="false" />
                    </conditions>
                    <action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}{REQUEST_URI}" />
                </rule>
            </rules>
        </rewrite>
    </system.webServer>
</configuration>

Once complete, simply save your web.config file and test an http:// link to your website to ensure that it is being redirected to the https:// version.

Learn more about migrating from HTTP to HTTPS

Apart from simply performing a redirect from HTTP to HTTPS, there are also other modifications that must be done in order to fully migrate your site to HTTPS. For example, you must ensure that any hard coded links are updated to use HTTPS, your robots.txt file is updated, your Google Search Console sitemap properly reflects the change to HTTPS, etc. Additionally, if you're using a CDN, all hard coded CDN links should be updated and HTTP/2 should be enabled (given that you are using a CDN which supports HTTP/2).

To ensure you have accounted for all the changes necessary, read through our complete guide on how to migrate from HTTP to HTTPS.

Supercharge your content delivery 🚀

Try KeyCDN with a free 14 day trial, no credit card required.

Get started
KeyCDN uses cookies to make its website easier to use. Learn more