Site Menu

How to Force a WWW and SSL Redirect

Here's the basic htaccess code to force a WWW into the URL. It also optionally redirects to the HTTPS version of the url.

by Scot Ranney

One of my clients recently asked me to make it so the URL forces to WWW and HTTPS. Hope this helps!

RewriteEngine on
# WWW
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# SSL/HTTPS
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]

Basically, the WWW redirect checks to see if there's a WWW in the URL and adds it if it isn't, then it checks to see whether the URL is secure or not and redirects to the HTTPS URL if not.

Both of these rules are discussed on Stack Overflow, a great forum with a lot of answers about common (and a lot of uncommon) issues developers run into. 

The WWW section of the htaccess code above comes from: http://stackoverflow.com/a/495...

The SSL section comes from: http://stackoverflow.com/q/243...

Note: turn off the SSL redirect by removing the lines under # SSL/HTTPS

This page might use cookies if your analytics vendor requires them.