In the previous article, we described on How to Setup Cloudflare SSL and Configure Origin Certificate for Apache. Now, if you have SSL certificate active on your domain, then you may want to force all requests to https. In this guide, you will learn how to force redirect incoming requests from http to https in Apache and Nginx web server.

Force Redirect in Apache Server

Using virtual host configuration file

In your Apache virtual host configuration file, you can add these at the end to force redirect http and www to non-www https.

# Redirect www to non-www and force https
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]
# End Redirect www to non-www and force https

So, the virtual host configuration file will look like this:

<VirtualHost *:80>

    # Redirect www to non-www and force https
    RewriteEngine On
    RewriteCond %{HTTPS} off [OR]
    RewriteCond %{HTTP_HOST} ^www\. [NC]
    RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
    RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]
    # End Redirect www to non-www and force https
</VirtualHost>

Here, you will also need to have a virtual host file for port 443.

<VirtualHost *:443>
    # Server Name (domain name), and any aliases
    ServerName  example.com
    ServerAlias www.example.com

    # Index file and Document Root
    DirectoryIndex index.html index.php
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/example.com.pem
    SSLCertificateKeyFile /etc/apache2/ssl/example.com.key
</VirtualHost>

After, you will need to reload Apache virtual host configuration file using the following command:

> sudo service apache2 reload

Or, you can restart Apache web server using any of the following commands:

> sudo service apache2 restart
> sudo /etc/init.d/apache2 restart

Using .htaccess file in Apache

In your Apache .htaccess for your document root, you can add these to force redirect http and www to non-www https. Here, you need to replace “example.com” with your domain name.

# Redirect To HTTPS
#RewriteCond %{HTTPS} off [OR]
#RewriteCond %{HTTP_HOST} ^www\. [NC]
#RewriteRule ^ https://example.com%{REQUEST_URI} [L,NE,R=301]

So, the .htaccess file will look something like this:

<IfModule mod_rewrite.c>
    RewriteEngine On

    # Redirect To HTTPS
    RewriteCond %{HTTPS} off [OR]
    RewriteCond %{HTTP_HOST} ^www\. [NC]
    RewriteRule ^ https://example.com%{REQUEST_URI} [L,NE,R=301]
</IfModule>

Force Redirect in Nginx Server

Using virtual host configuration file

In your Nginx virtual host configuration file, you can add these server blocks to force redirect http and www to non-www https.

# Force all requests to https://example.com

server {
    listen 80;
    server_name example.com www.example.com;
    return 301 https://example.com$request_uri;
}

server {
    listen 443 ssl;
    server_name www.example.com;

    ssl_certificate /etc/nginx/ssl/example.com.pem;
    ssl_certificate_key /etc/nginx/ssl/example.com.key;
    return 301 https://example.com$request_uri;
}

server {
    listen 443 ssl;
    server_name example.com;
    root /var/www/html

    ssl_certificate /etc/nginx/ssl/example.com.pem;
    ssl_certificate_key /etc/nginx/ssl/example.com.key;
}

To force redirect http and non-www to https www, you can modify the server blocks like this:

# Force all requests to https://www.example.com

server {
    listen 80;
    server_name example.com www.example.com;
    return 301 https://www.example.com$request_uri;
}

server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate /etc/nginx/ssl/www.example.com.pem;
    ssl_certificate_key /etc/nginx/ssl/www.example.com.key;
    return 301 https://www.example.com$request_uri;
}

server {
    listen 443 ssl;
    server_name www.example.com;
    root /var/www/html
	
    ssl_certificate /etc/nginx/ssl/www.example.com.pem;
    ssl_certificate_key /etc/nginx/ssl/www.example.com.key;
}

After, you will need to reload Nginx virtual host configuration or restart your Nginx web server.

You can reload Nginx virtual host configuration file using the command:

> sudo nginx -s reload

You can restart Nginx server using any of the following commands:

> sudo systemctl restart nginx
> sudo service nginx restart
> sudo /etc/init.d/nginx restart

Leave a comment

Your email address will not be published. Required fields are marked *