23 October 2022

Using .htaccess to force redirect traffic from http to https is the most simple way in Apache. If you have more access to your server, you can do it in VirtualHosts configuration. With redirecting everything from port 80 to 443. You could do it in "settings.php". I wouldn't recommend this, because that way PHP will be executed before every redirect from http to https. Unless you want to be sure, if you think .htaccess could be overwritten.

Source code viewer
  1. # Insert these lines after the line with "RewriteBase /", 
  2.  
  3. ### Redirect to HTTPS ###
  4. RewriteCond %{HTTPS} off
  5. RewriteCond %{HTTP:X-Forwarded-Proto} !https
  6. RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Programming Language: Text