This guide explains how to redirect to a secure https version (SSL) all visitors to a website on Web Hosting Infomaniak.

Preamble

• This redirection is automatic in principle with a standard configuration and installation.
• For additional help contact a partner or launch a free call for tenders — also discover the role of the host.

Manual redirection via .htaccess file

Prerequisites

• Have a valid and functional SSL certificate for the Infomaniak website.

Then, modify or add the following 3 lines to the .htaccess file of the website concerned so that all its visitors automatically access its secure https version:

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://domain.xyz/$1 [R=301,L]

Replace the second line of the code above with RewriteCond %{HTTP:X-Forwarded-Proto} !https in case of a problem.

With a CMS

Most web applications like WordPress and Joomla have extensions/plugins that automatically redirect visitors to the secure https version of a site.

WordPress

If you are using a content management system (CMS) like WordPress to create your site, we recommend installing an extension to perform this redirection:

1. Save the site's files and database as a precaution.
2. Install the extension Really Simple SSL or similar from the WordPress console and activate it.
3. Visitors are now automatically redirected to the https version of the site.

Joomla

1. Find the line

   var $live_site ='';

   in the Joomla configuration file (configuration.php) on the server.

2. Replace with

   var $live_site = 'https://www.domain.xyz';

3. Add three lines to your .htaccess file on the server:

   RewriteEngine On
   RewriteCond %{HTTPS} OFF
   RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

4. Open the Joomla administration panel in "System - Configuration".
5. Click on the "Server" tab and under "Force SSL" choose "Admin and Site".
6. Save and visitors will now be automatically redirected to the https version of the site.

Prestashop

1. Access the general settings in the Prestashop back-office to enable SSL:
   1. < v1.7 click on "Preferences" then on "General"
   2. > v1.7 click on "Store Settings" then on "General"
2. Enable the toggle switch "Enable SSL" to "YES"
3. Click on "Save"
4. In the same place, enable the toggle switch "Enable SSL on the entire site" to "YES".
5. Click on "Save".

In case a security lock does not appear in the browser or a warning is displayed, check the template or modules as they may not be perfectly compatible with SSL. Your Prestashop then loads elements (images, .css or .js files, fonts...) in "http" while these should now be loaded in "https".

Drupal

Refer to this article (in English) which explains how to switch a Drupal site from http to https.

Alternative solutions

In your .htaccess file, to force the site URL to be https:// but without www:

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www. [NC]
RewriteRule (.*) https://domain.xyz/$1 [R=301,L]

In case of a redirection loop, adapt the code above to:

RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https [OR]
RewriteCond %{HTTP_HOST} ^www. [NC]
RewriteRule (.*) https://domain.xyz/$1 [R=301,L]

In your .htaccess file, to force redirection with www

with subdomains:

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www. [NC]
RewriteRule (.*) https://www.domain.xyz/$1 [R=301,L]

In case of a redirection loop, adapt the code above to:

RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https [OR]
RewriteCond %{HTTP_HOST} !^www. [NC]
RewriteRule (.*) https://www.domain.xyz/$1 [R=301,L]

and without subdomains:

RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^domain.xyz [NC]
RewriteRule (.*) https://www.domain.xyz/$1 [R=301,L]

In case of a redirection loop, adapt the code above to:

RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https [OR]
RewriteCond %{HTTP_HOST} ^domain.xyz [NC]
RewriteRule (.*) https://www.domain.xyz/$1 [R=301,L]

Common errors following an https redirection

To resolve common issues that may arise after redirecting your website to its secure https version, refer to this other guide.