How to redirect all http:// requests to https:// in Magento

With the recent hint from Google that it will be placing a higher emphasis on secure (https://) sites, more and more Magento site owners are opting to put their entire site under SSL. This knowledgebase provides instructions on how to easily redirect all http requests to https.



Please Note: If you do not have a SSL certificate on your site, this could cause errors. Please make sure that you have a SSL certificate installed and properly working before attempting this.


There are a number of methods provided, depending on your requirements:

1. Using Apache Rewrite Rules

This approach is the most comprehensive, and ensures that any URL attributes are carried through. This may be important if you have any tracking or statistics URL's that require a redirect to the https:// version.

  1. Set the base url for both secure and unsecure in the backend (System > Configuration > General > Web). Set yes in "use secure url in frontend".
  2. Add the following to your .htaccess file or Apache server configuration:

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]


2. Via local.xml

This approach is the most elegant and easiest to implement, however, it will not preserve URL attributes in the query string.

  1. Set the base url for both secure and unsecure in the backend (System > Configuration > General > Web). Set yes in "use secure url in frontend".
  2. Login via FTP or SSH and edit your app/etc/local.xml to include the following:

    <config>
        <frontend>
            <secure_url>
                <all>/</all>
            </secure_url>
        </frontend>
    </config>


3. Via Plesk Onyx (17.5.3+)

Simply tick the "Permanent SEO-safe 301 redirect from HTTP to HTTPS " in Hosting Settings > Security



4. Via Plesk 12

In Plesk, go to Domains > example.com > Web Server Settings and paste the following directives to the "Additional directives for HTTP" field:

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Add the following directives to the "Additional nginx directives" field (if available):

if ($ssl_protocol = "") {
rewrite ^/(.*) https://$server_name/$1 permanent;
}
Premium Support

If you are a Create Hosting customer on a Magento Hosting Plan, feel free to submit a support ticket so we can set the most suitable method for you.

  • magento, ssl
  • 3 Users Found This Useful
Was this answer helpful?

Related Articles

How to upgrade Magento 1.3 to 1.4.1.1

The Magento 1.3 to 1.4.1.1 upgrade is quite complex, as there are many changes to the database...

How do I make my Magento site temporarily unavailable (put into maintenance mode)?

There may be times when you need to perform an upgrade and don't want your website to be accessed...

How to disable compilation in Magento

In general, Create Hosting customers shouldn't need compilation enabled, since our Magento...

How to activate the Mobile HTML5 theme in Magento 1.7 (for Android, Blackberry, iPhone, iPod, Windows Mobile, etc)

Magento 1.7 comes with a new Mobile HTML5 theme out of the box. This should be compatible with...

How to fix broken or slow Sales Order Address editing via Magento Admin

We recently came upon an issue in a Magento 1.5* instance where any attempt to edit the customer...