cPanel Plesk

How to force HTTPS on your website

By Angus Published 18 November 2021 Updated 4 March 2026 4 min read

Forcing HTTPS ensures all visitors connect to your website over an encrypted connection. Without HTTPS enabled, browsers flag your site as insecure and visitors see warnings that damage trust. This prevents data interception and confirms your SSL/TLS certificate is protecting every page.

You will configure server-level redirects to force HTTPS connections. This works by automatically redirecting HTTP requests to their HTTPS equivalents, ensuring no visitor accidentally loads an insecure version of your site.

Before you begin

  • An SSL/TLS certificate must be installed on your domain.
  • You need access to your hosting control panel or FTP client.

Force HTTPS using .htaccess

The .htaccess file controls server behaviour for your website. Adding redirect rules here forces all HTTP traffic to HTTPS at the server level, which works across all pages automatically.

  1. Enable viewing of hidden files.
    In cPanel, click the Settings icon in the top right corner of File Manager. Tick the box labelled Show Hidden Files (dotfiles) and click Save. This makes the .htaccess file visible.
cPanel File Manager settings showing the option to enable viewing of hidden dotfiles
Enable hidden files in cPanel File Manager settings.
  1. Locate your .htaccess file.
    Navigate to your website’s document root directory, typically named public_html or www. Find the .htaccess file in this directory.
  2. Add the redirect code.
    Right-click the .htaccess file and select Edit. Add the following code at the top of the file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

This code checks if HTTPS is off and redirects the request to the HTTPS version using a permanent 301 redirect.

  1. Save the file.
    Click Save Changes in the top right corner of the editor. The redirect rules are now active.
  2. Test the redirect.
    Open your browser and visit http://yourdomain.co.uk (replacing yourdomain.co.uk with your actual domain). The URL should automatically change to https://yourdomain.co.uk.

Force HTTPS in cPanel

cPanel provides AutoSSL, which installs free SSL certificates and configures HTTPS automatically. This method handles both certificate installation and HTTPS enforcement through the control panel interface.

  1. Access SSL/TLS Status.
    Log in to cPanel and locate the Security section. Click SSL/TLS Status.
cPanel Security section showing the SSL/TLS Status option
SSL/TLS Status in the cPanel Security section.
  1. Select your domain.
    Tick the checkbox next to the domain you want to secure. If multiple domains are listed, select only the one you are configuring.
  2. Run AutoSSL.
    Click Run AutoSSL at the top of the page. cPanel requests a certificate from the issuing authority and installs it automatically. Wait for the success notification to appear.
cPanel AutoSSL control interface showing the Run AutoSSL button
Run AutoSSL to install and configure SSL certificates.
  1. Verify HTTPS is active.
    Visit your website using https://yourdomain.co.uk. The padlock icon should appear in your browser’s address bar, confirming the secure connection.

Force HTTPS in Plesk

Plesk includes built-in SSL management and redirect options. You will enable SSL support and configure a permanent redirect in the hosting settings for your domain.

  1. Open Websites & Domains.
    Log in to Plesk and click Websites & Domains in the left sidebar. This displays all domains on your hosting account.
  2. Access Hosting Settings.
    Find the domain you want to configure and click Hosting Settings from the options menu.
  3. Enable SSL and redirects.
    Scroll to the Security section. Tick the boxes for SSL/TLS support and Permanent SEO-safe 301 redirect from HTTP to HTTPS. This forces all HTTP traffic to redirect to HTTPS using a search engine friendly redirect.
  4. Select your SSL certificate.
    Use the dropdown menu to select the correct SSL certificate for your domain. If you have installed a certificate through Plesk, it appears in this list.
  5. Save the configuration.
    Click OK at the bottom of the page. Plesk applies the settings and your site now forces HTTPS connections.

Wrapping up

Your website now forces HTTPS connections for all visitors. You configured server-level redirects using .htaccess, cPanel AutoSSL or Plesk hosting settings. Browsers display the padlock icon, confirming your SSL/TLS certificate is protecting visitor data.

Test your site by visiting different pages and checking that the URL always shows https://. Our web hosting plans include free SSL certificates and automatic HTTPS configuration.

UWH
SAVE 16%

Your Website Supercharged

Solo cPanel Hosting

£2.99 £2.09/mo

GET WEB HOSTING

Categories

Ready to get started?

Launch your website with our reliable cPanel hosting with unlimited bandwidth and expert support.

Get cPanel Hosting

Need a domain?

Find and register the perfect domain name for your website.

Search Domains