By Stephen

2011-02-07 18:37:54 8 Comments

I'm looking for a way to force SSL and www.

I've been able to force both separately but together I keep running into redirection issues. The following code works when handling a URL in this format: and properly redirects to but when the incoming URL is it will not forward to - Any suggestions?

EDIT: it should also send to

RewriteCond %{REMOTE_ADDR} !127\.0\.0\.0
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} !^www.example\.com$
RewriteRule ^(.*)$$1 [R,L]


@onpre 2019-08-18 19:52:09

I tested all the suggestions given above, but none covered the whole scenario.

I wanted all the visitors to go to

Some of the codes provided by other users worked to take non-secure and/or non-www URL to, however, none of them covered to be converted to "www" as well.

I have my website hosted with GoDaddy, in case this makes any difference.

This is the code that worked for me:

RewriteEngine On 
RewriteCond %{HTTP_HOST} !^www.example1\.com$ [OR]
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$$1 [L,R=301]

The last line could be also:

RewriteRule ^(.*)$$1 [R,L]

But I used the code "301" to send the message "moved permanently" in the hope that Google and maybe other search engines will update old links.

@user67283 2016-07-21 00:02:12

Just implemented this for my site. Works like a charm! Added to the top of my .htaccess file. Redirects all instances of people typing www or not www, http or https.

# BEGIN HTTPS Redirect
RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$$1 [R,L]
# END HTTPS Redirect

@itteam 2015-12-28 18:35:46

You could also use the following lines that I use and work flawlessly.

(Remove the top RewriteCond if you do not use CloudFlare)

RewriteCond %{HTTP:CF-Visitor} '"scheme":"http"' [OR]
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=302]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=302]

@Lekensteyn 2011-04-07 19:04:24

The first line is used to prevent internal URL's from being rewritten. That might cause different pages to be displayed, so I've removed it.

If the host is or is not requested over HTTPS, it will be rewritten to I.e., it rewrites, and to in one action.

RewriteCond %{HTTP_HOST} ^example\.com$ [OR]
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$$1 [R,L]

Documentation on mod_rewrite for Apache 2.2.

If you've subdomains like, the first rule should be as is. Otherwise, you can do a negative match against as well.

@Arvin 2011-03-08 12:39:23

Try this:

RewriteCond %{REMOTE_ADDR} !127\.0\.0\.0
RewriteCond %{SERVER_PORT} 80 [OR]
RewriteCond %{HTTP_HOST} !^www.example\.com$
RewriteRule ^(.*)$$1 [R,L]

@Piers Karsenbarg 2011-02-10 17:16:51

Doesn't the third line have to be:

RewriteCond %{HTTP_HOST} ^example\.com$

Related Questions

Sponsored Content

2 Answered Questions

[SOLVED] All pages are not being redirected to HTTPS when accessed using HTTP

1 Answered Questions

1 Answered Questions

1 Answered Questions

[SOLVED] Wordpress, Apache and Nginx: permalinks and cache

Sponsored Content