With the recent hint from Google that it will be placing a higher emphasis on secure (https://) sites, more and more Magento site owners are opting to put their entire site under SSL. This knowledgebase provides instructions on how to easily redirect all http requests to https.
- For information related to SEO, see https://yoast.com/moving-your-website-to-https-ssl-tips-tricks/.
- For an in-depth guide on SSL Certificates, and how SSL works, see https://pixelprivacy.com/resources/ssl-certificate/.
There are a number of methods provided, depending on your requirements:
1. Using Apache Rewrite Rules
This approach is the most comprehensive, and ensures that any URL attributes are carried through. This may be important if you have any tracking or statistics URL's that require a redirect to the https:// version.
- Set the base url for both secure and unsecure in the backend (System > Configuration > General > Web). Set yes in "use secure url in frontend".
- Add the following to your .htaccess file or Apache server configuration:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
2. Via local.xml
This approach is the most elegant and easiest to implement, however, it will not preserve URL attributes in the query string.
- Set the base url for both secure and unsecure in the backend (System > Configuration > General > Web). Set yes in "use secure url in frontend".
- Login via FTP or SSH and edit your app/etc/local.xml to include the following:
<config>
<frontend>
<secure_url>
<all>/</all>
</secure_url>
</frontend>
</config>
3. Via Plesk Onyx (17.5.3+)
Simply tick the "Permanent SEO-safe 301 redirect from HTTP to HTTPS " in Hosting Settings > Security
4. Via Plesk 12
In Plesk, go to Domains > example.com > Web Server Settings and paste the following directives to the "Additional directives for HTTP" field:
RewriteEngine on RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Add the following directives to the "Additional nginx directives" field (if available):
if ($ssl_protocol = "") { rewrite ^/(.*) https://$server_name/$1 permanent; }