How to use Apache to redirect all traffic from http to https

If your website uses Apache and SSL, there’s not much reason to keep using HTTP with your website. Having both HTTP and HTTPS just creates duplicate content, as now any given page will be accessible through two technically different URLs.

In this guide, we’ll assume you’re already using Apache on a Linux system and want to redirect all HTTP traffic to HTTPS. This will make sure that all your visitors are only connecting through HTTPS by forcing their browser over to the secure protocol if they happen to open an HTTP link. If a user decides to preface a link with http://, your site will be smart enough to still send them to the correct page, rather than showing duplicate content or displaying a 404 error.

There are two ways to set up this redirection in Apache. The better method is to configure Virtual Host, but users with hosted websites may not have access to this configuration. The second method is by making some changes to the .htaccess file. We’ll cover the step by step instructions for both methods below. Let’s get started.

In this tutorial you will learn:

  • How to redirect HTTP to HTTPS with Virtual Host
  • How to redirect HTTP to HTTPS with .htaccess file

Redirect HTTP traffic to HTTPS in Apache

Redirect HTTP traffic to HTTPS in Apache

Software Requirements and Linux Command Line Conventions
Category Requirements, Conventions or Software Version Used
System Any Linux distro
Software Apache
Other Privileged access to your Linux system as root or via the sudo command.
Conventions # – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
$ – requires given linux commands to be executed as a regular non-privileged user

Redirect HTTP to HTTPS with Virtual Host

On Ubuntu, Debian, and its derivatives, you’ll find the virtual host files in /etc/apache2/sites-available. Open the appropriate file in a text editor of your choice:

$ sudo vi /etc/apache2/sites-available/example.conf


On RedHat, CentOS, Fedora, and other derivatives, you’ll find the virtual hosts configuration in:

$ sudo vi /etc/httpd/conf.d

This file can be used to redirect traffic, among many other things. If you’re already using HTTP and HTTPS on your website, you should have at least two Virtual Hosts already in the file – one for 80 (HTTP) and one for 443 (HTTPS). To redirect the HTTP traffic, we’ll need to add the following line:

Redirect permanent / https://example.com/

Add it somewhere inside the <VirtualHost *:80> heading, like in the example below:

Example Virtual Host configuration with the HTTP traffic redirected to HTTPS

Example Virtual Host configuration with the HTTP traffic redirected to HTTPS

Save your changes and exit this file when you’re done. For the changes to take effect, you’ll need to reload the Apache config with the following systemctl command:

$ sudo systemctl reload apache2 # Debian, Ubuntu
OR
$ sudo systemctl reload httpd # Red Hat, CentOS, Fedora

Redirect HTTP to HTTPS with .htaccess file

If you don’t have access to Virtual Host configuration, the .htaccess file will be your only option. It can be found in the root directory of your website, which should be accessible regardless of what web host you’re using.

Simply edit this file and add the following lines of code to it. You can just paste them at the bottom of the file.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://example.com/$1 [L,R=301]


That’s all there is to it. You should notice the changes instantly when navigating to your website, as Apache doesn’t need to be reloaded for those changes to take effect.

Closing Thoughts

HTTPS is definitely the way to go. In this article, we saw how easy it was to redirect all traffic to HTTPS and get rid of HTTP entirely. Either of these methods are viable for forcing HTTP traffic over to HTTPS on your website.



Comments and Discussions
Linux Forum