New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Forcing SSL with .htaccess, cPanel & CloudFlare
HostBastic
Member, Host Rep
in Tutorials
Using the following code in your .htaccess file automatically redirects visitors to the HTTPS version of your site:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
If you have an existing .htaccess file:
- Do not duplicate RewriteEngine On.
- Make sure the lines beginning RewriteCond and RewriteRule immediately follow the already-existing RewriteEngine On.
Forcing SSL via cPanel follow this steps:
- access the redirects section
- set permanent (301) redirect
- choose the domain name
- enter the site's url using the SSL certificate
- make sure wild card redirect is selected
- select redirect with or without www
Forcing SSL via CloudFlare follow this steps:
- Login into your CloudFlare account, choose the domain which you wish to enforce the SSL.
- From there select the Page Rules section and select Create Page Rules.
- Add your URL and select Add a Setting.
- Under Add a Setting select SSL and for SSL Settings choose Full.
Thanked by 1armandorg
Comments
Obligatory warning that "CloudFlare SSL" is not "real" SSL/TLS, as it does not provide you with the security that TLS is meant to provide. More details are here.
You may be able to do something like this in the vhosts conf file also.
Just found it
I'm using this .htaccess for my site
My question, which is the best? And what is the difference?
I mean they all get the job done and they all do it well. I think it's more of what do you have access to? If you don't have access to the virtual hosts then you use the .htaccess but honestly they all get the job done without any noticeable speed difference.
I mean the difference of your htaccess and my htaccess, and which is the best?
Took your post seriously until I saw the recommended providers at the bottom.
Redirecting via apache.conf or httpd.conf is better than redirecting via .htaccess and will result in less CPU load.
You are actually on the hook for a look up for the .htaccess file any time AuthConfig is set to do so. There are many things in Apache which make it slower - but the overhead for this is incredibly negligible and the days of SSD. The load generated is also primarily disk IO, rather than any further CPU overhead, and is less than that of an interpreted language including a local file.
Oh good, I'm not the only one who pissed laughing at "ServerCrate"
Nice guide. If you use Cloudflare Free you should use .htaccess instead of Page Rules. You only have 3 rules for free so that will save you one.
Redirect www to https
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC] RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
I'm not really interested in pissing contests or personal vendettas regarding providers. If either of you dislike the recommendations, you're welcome to put together your own list.
But if you heavily imply that you somehow take the rest of the article less seriously because somebody listed an option that you disagree with, despite the suggested options being unrelated to the rest of the (technical!) points made in the article... yeah, well, I'd say you have some self-reflection to do, and that the issue is probably not with the article.
I was just taking the piss mate
If you just want to restrict a directory to be accessible only with SSL/TLS, you could also just put
SSLRequireSSL
in the.htaccess
file. It is not as user friendly perhaps.How about IP to domain via vhost? having problems with one of my VPS.
Oppppps....I saw this post was posted here http://forumweb.hosting/14501-forcing-ssl-with-htaccess-cpanel-amp-cloudflare.html and showing on their homepage
http://forumweb.hosting/
How can you repost this content? It is not allowed by their forum rules there.
nice share dude..