How to redirect HTTP to HTTPS in Apache

HTTP (HyperText Transfer Protocol) is used for transferring web content. By itself, HTTP does not encrypt the data, which means that information can be intercepted and read by third parties. This is where HTTPS (HTTP Secure) comes into play. HTTPS encrypts the data, ensuring that information like login credentials and payment details are secure.

Using HTTPS has become a standard practice, not just for e-commerce sites but for all websites. Browsers now often show warnings for sites using HTTP, impacting user trust.

In an Apache web server, redirecting HTTP to HTTPS is a common practice to ensure every user connection is secured. This requires mod_rewrite and can be achieved by using .htaccess file, RewriteRule directive, or Redirect directive.

Methods to redirect HTTP to HTTPS in Apache:

Redirect HTTP to HTTPS in Apache using htaccess
Redirect HTTP to HTTPS in Apache using mod_rewrite on VirtualHost configuration
Redirect HTTP to HTTPS in Apache using Redirect directive

Redirect HTTP to HTTPS in Apache using htaccess

Enable rewrite module for Apache.

$ sudo a2enmod rewrite # Ubuntu, Debian and SUSE variants
Enabling module rewrite.
To activate the new configuration, you need to run:
  systemctl restart apache2

Distribution with a2enmod support can simply run the command above without having to manually enable the required modules.
CentOS and Red Hat enables the module by default so requires no manual action to enable the modules.

Options	Debian, Ubuntu	openSUSE and SLES	Fedora Core, CentOS, RHEL	macOS	homebrew	xampp
a2enmod support	yes	yes	no	no	no	no
Modules to install	none
Module name	n/a			rewrite
Loadmodule directive	n/a			LoadModule rewrite_module <module_locations>/mod_rewrite.so

Open or create a .htaccess file on the web folder where you want to set the redirection from using your preferred text editor.
```
$ sudo vi /var/www/html/.htaccess
```

Add redirect directive from within the .htaccess file.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://www.simplified.guide/$1 [R,L]

Hard-reload the web page to test the redirect.

Redirect HTTP to HTTPS in Apache using mod_rewrite on VirtualHost configuration

Enable rewrite module for Apache.

$ sudo a2enmod rewrite # Ubuntu, Debian and SUSE variants
Enabling module rewrite.
To activate the new configuration, you need to run:
  systemctl restart apache2

Distribution with a2enmod support can simply run the command above without having to manually enable the required modules.
CentOS and Red Hat enables the module by default so requires no manual action to enable the modules.

Options	Debian, Ubuntu	openSUSE and SLES	Fedora Core, CentOS, RHEL	macOS	homebrew	xampp
a2enmod support	yes	yes	no	no	no	no
Modules to install	none
Module name	n/a			rewrite
Loadmodule directive	n/a			LoadModule rewrite_module <module_locations>/mod_rewrite.so

Open VirtualHost config that you want to set up the redirection from using your favorite text editor.
```
$ sudo vi /etc/apache2/sites-enabled/000-default.conf
```
Related: Location for Apache VirtualHost configuration

Add RewriteRule and related directive in the VirtualHost configuration just as the htaccess method.

<VirtualHost *:80>
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://www.simplified.guide/$1 [R,L] 
</VirtualHost>

Restart Apache for the changes to take effect.

$ sudo systemctl restart apache2 # Ubuntu, Debian
$ sudo systemctl restart httpd # CentOS and Red Hat

Redirect HTTP to HTTPS in Apache using Redirect directive

Open VirtualHost config for HTTP that you want to set up the redirection from using your favorite text editor.
```
$ sudo vi /etc/apache2/sites-enabled/000-default.conf
```
Related: Location for Apache VirtualHost configuration
Add redirect directive within the VirtualHost configuration to redirect to the HTTPS URL.
```
<VirtualHost *:80>
    ServerName simplified.guide
    Redirect permanent / https://www.simplified.guide/
</VirtualHost>
```
permanent is equivalent to 301 redirect and you can use temporary instead for 302 redirect.

Restart Apache to apply the changes.

$ sudo systemctl restart apache2 # Ubuntu, Debian
$ sudo systemctl restart httpd # CentOS and Red Hat

Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.

Discuss the article:

Comment anonymously. Login not required.