How to Force SSL on a website

The following methods can be used to force visitors of your website to use HTTPS.

Plesk Onyx

For customers on Plesk Onyx or higher, you can utilize Plesk to enable an IIS redirect to force SSL. 
  1. Log into the Plesk control panel
  2. Go to Subscriptions
  3. Select your subscription
  4. Click Hosting Settings
  5. Check Permanent SEO-safe 301 redirect from HTTP to HTTPS
  6. Click Apply or OK

Plesk 12.5 and Below

On older versions of Plesk, you must implement this in your web.config file. Place the following IIS rewrite rule inside of the <system.webServer> section of your web.config:
<rewrite>
    <rules>
        <rule name="HTTP to HTTPS redirect" stopProcessing="true">
        <match url="(.*)" />
        <conditions>
        	<add input="{HTTPS}" pattern="off" ignoreCase="true" />
        </conditions>
        <action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />
        </rule>
    </rules>
</rewrite>
If you want to check how the redirect is working you can use the following site to check:
 
 

Apache/Nginx .htaccess

For servers that are running on a Linux environment, you can use the following information to update your .htaccess file. Additionally the steps provided at the beginning of this KB still apply if you are running Plesk Onyx or higher on your Linux environment. If you need assistance with accessing this file please use this KB:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Please Note: It is best practice that you'll want to make sure this type of redirect is at the top of your .htaccess file
 
 

Add Feedback