How do I force all visitors of my website to use secure connection (HTTPS)?

Refers to:

  • Plesk for Windows
  • Plesk for Linux

Created:

2016-11-16 13:12:41 UTC

Modified:

2017-01-24 22:09:51 UTC

1

Was this article helpful?


Have more questions?

Submit a request

How do I force all visitors of my website to use secure connection (HTTPS)?

Question

How do I force all visitors of my website to use secure connection (HTTPS)?

Answer

For Plesk 12.5 and lower:

Linux :

  1. Make sure that mod_rewrite Apache module is enabled:
    # httpd -t -D DUMP_MODULES | grep rewrite
    Syntax OK
    rewrite_module (shared)

or go to Home > Tools & Settings > Apache Web Server

  1. Create file .htaccess in document root of the domain and put following configuration inside:
    <IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{HTTPS} !=on
    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,QSA]
    </IfModule>

or

Go to Plesk > Domains > example.com > Websites & Domains > Web Server Settings (or Apache & nginx Settings) and add above configuration to Additional directives for HTTP . Refer this KB article to find more information about configure redirects in Plesk.

If nginx is enabled and static files are processed directly by nginx add the following rule in Plesk > Domains > example.com > Apache & nginx Settings > Additional nginx directives :

if ($ssl_protocol = "") {
rewrite ^/(.*) https://$server_name/$1 permanent;
}

Windows :

Follow the steps from this article .

or

Create file web.config in document root of the domain and put following configuration inside:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="http to https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Temporary" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>

For Plesk Onyx :

Go to Plesk > Subscriptions > example.com > Hosting Settings > under Security section click on Permanent SEO-safe 301 redirect from HTTP to HTTPS .

Have more questions? Submit a request
Please sign in to leave a comment.