In order to make connections to your site more reliable and secure and to guarantee their origin as well as their confidentiality, you can force any attempt to connect via a non-secure access to your site (using the http protocol) to do so via the secure access (using the https protocol).
You have two options to do this :
1. Enable the option in your cPanel
The first step consist to log into your cPanel account.
Once in your cPanel, go to DOMAINS>Domains section:
In the list find the domain name you want to secure :
Enable the option Activez l'option "Force HTTPS redirect" :
Wait a few moments before this redirection is functional on your site.
2. Modify the .htaccess
To do this, you must modify the ".htaccess" file located at the root of your site by adding the following lines:RewriteEngine On
RewriteRule "^.well-known/acme-challenge" - [L]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
If you don't know how to modify your ".htaccess" file, here are descriptions of several methods that will allow you to do so:
Method 1: FTP access
- Upload your ".htaccess" file via your FTP account;
- Modify the downloaded file with a suitable plain text editor to add the lines mentioned above;
- Save your modified file;
- Upload your new modified ".htaccess" file overwriting the old one to your account via your FTP access.
Method 2: control panel
- Connect to your control panel;
- In the"FILES" tab, click on"File Manager";
- At the top right of the File Manager, click on"Settings";
- In the window that appears, check the box"Show hidden files (dotfiles)" ;
- Confirm your settings by clicking on"Save";
- Navigate to the root folder of the site for which you want to force secure access (usually the"public_html" folder);
- Right click (or Ctrl+Click on MacOS) on the file named ".htaccess" that is there, and in the contextual menu that appears, select the"Edit" item;
- If necessary, validate the edition in the proposed format (usually"utf-8") and click on the"Edit" button;
- Modify the file by adding the lines mentioned above (it is possible that your ".htaccess" file is empty at the time of its first edition, do not worry, add the lines anyway);
- Click on"Save changes" ;
- You can now click"Close" to return to the File Manager. You can disable thedisplay of hidden files for a better browsing experience.