cPanel has introduced a new feature called force https redirection under it’s Domain interface. No longer will a manual .htaccess redirect, plugin, or Apache configuration update be required. Now, an end user can toggle a switch to redirect visitors to the secured version of your sites!

In the Domains interface in cPanel (Home >> Domains), there’s an option to enable Force HTTPS Redirection from the insecure version (HTTP) to the secure version (HTTPS) with a toggle switch. This information is stored in the account’s userdata files (/var/cpanel/userdata), and the redirection is built into the domain’s host configuration.

All domains with valid SSL certificates can have redirection enabled.  Aliases (historically called Parked Domains) will inherit their redirection status from their parent domain.

Why is this a good thing?

Having an SSL on your website enables the padlock icon in the left side of the URL bar of your browser:

This informs your site’s viewers that the site is secured and that data transferred back and forth between the end user and the site is encrypted. There are several added benefits (aside from security) that having an SSL on your site provide.

If you’re a WordPress user (as many of you are), or are actively trying to increase your page’s rank in Google searches, Google announced that websites using HTTPS would get a slight ranking factor boost in searches using their engine. Additionally, the newer HTTP/2 protocol has proven to have faster performance than the standard HTTP but requires HTTPS due to browser support.

Alternate method:

You may need to create a .htaccess file, and you can use your control panel’s File Manager.

Using the following code in your .htaccess file automatically redirects visitors to the HTTPS version of your site:

RewriteEngine On RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

If you have an existing .htaccess file:

  • Do not duplicate RewriteEngine On.
  • Make sure the lines beginning RewriteCond and RewriteRule immediately follow the already existing RewriteEngine On.

This will automatically redirect your bare domain to the secure HTTPS version.

Note: Custom site code can cause issues with the above method, which can be out of our scope of support.

If the above steps are out of your technical knowledge or ability, we recommend contacting a website developer (outside of us) to assist.

You will need a valid SSL certificate for your domain for above process to work else it will display invalid SSL certificate issue. To know how to install SSL certificate for your domain follow this guide.