Enable HTTPS / SSL Browsing on Website, Folder or a Page

Print Page

SSL (Secure Socket Layer) is used for secured communication over the internet. This is mainly used by services such as banking, e-commerce, etc., and lately it’s also available on social networking sites such as Facebook and Twitter to prevent eavesdropping. Here I will show how you can force HTTPS browsing for users on your whole site, a particular folder or a particular page like the login page.

In order to make your website SSL enabled, you need a certificate (you can buy one from www.verisign.com), mod_rewrite module enabled server and access to .htaccess. When you have all three, open htaccess in an editor.

To always redirect a user to secure connection (https://), add the following lines to the .htaccess file:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$  [R,L]

Here, the .htaccess should be located in root directory of your server.

To enable HTTPS only for a particular folder, use this:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} foldername
RewriteRule ^(.*)$  [R,L]

Here, the .htaccess file should be placed inside the directory where you need to enable HTTPS.

To enable HTTPS only on a page or two, you can use the following rewrite rules:

RewriteRule ^page1(.*) https://%{SERVER_NAME}/page1$1 [R,L]

RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}