How to Redirect HTTP to HTTPS in Apache (Step-by-Step Guide)

October 14, 2025 / Servers, Hosting & Email

Redirecting HTTP traffic to HTTPS is a crucial step in protecting your website, securing user data, and maintaining a strong SEO ranking. This guide explains how to redirect HTTP to HTTPS in Apache using two reliable methods: Virtual Host configuration and the .htaccess file.

Why Redirect HTTP to HTTPS?

When a website runs over HTTPS, it uses SSL/TLS encryption to secure the connection between the browser and server. Redirecting HTTP to HTTPS guarantees:

  • Improved Security: Protects sensitive user data from being blocked.
  • SEO Benefits: Search engines prioritise secure websites (HTTPS).
  • User Trust: Displays the padlock icon, assuring visitors that the site is safe.
  • Consistency: Prevents duplicate content across HTTP and HTTPS versions.

Prerequisites

Before you begin, ensure that your server meets the following requirements. You should have Apache installed and running properly on your system. A valid SSL/TLS certificate must also be installed on your domain to enable secure HTTPS connections. Additionally, you need root or sudo access to make the necessary configuration changes in Apache’s files.

Method 1: Redirect Using Apache Virtual Host

This is the most reliable method for implementing HTTPS redirection.

  1. Open the Apache Configuration File. Depending on your system, the configuration file is usually located at:
    /etc/apache2/sites-available/example.conf # Ubuntu/Debian
    /etc/httpd/conf.d/example.conf                # CentOS/RHEL
  2. Open the file using the command below:
    sudo nano /etc/apache2/sites-available/example.conf
  3. Add a Redirect Rule in the HTTP Virtual Host by inserting the subsequent configuration:
    <VirtualHost *:80>
    ServerName example.com
    ServerAlias example.com
    Redirect permanent / https://example.com/
    </VirtualHost>
  4. Enable Required Apache Modules by executing the following commands:
    sudo a2enmod ssl
    sudo a2enmod rewrite
  5. Restart Apache:
    sudo systemctl restart apache2

    (Use sudo systemctl restart httpd for CentOS/RHEL)

Method 2: Redirect Using .htaccess

If you don’t have access to Virtual Host files, you can use the .htaccess file.

  1. Open or create the .htaccess file by executing the following command:
    sudo nano /var/www/html/.htaccess
  2. Add the Rewrite Rules:
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
  3. Enable .htaccess Overrides in your Apache configuration, ensure that AllowOverride is set to ‘All’:
    <Directory /var/www/html>
    AllowOverride All
    </Directory>
  4. Then restart Apache with:
    sudo systemctl restart apache2

How to Verify the HTTPS Redirect

After finishing the configuration, you should check if the redirection is working properly.

Check in your web browser

  1. Open your browser and type:
    http://example.com
  2. It should automatically redirect to:
    https://example.com

Check using the cURL command

  1. You can also verify it from the terminal by running:
    curl -I http://example.com
  2. If the redirect is successful, you will see a response like this:
    HTTP/1.1 301 Moved Permanently
    Location: https://example.com/

Troubleshooting Common Issues

  • Redirect not working: Ensure mod_rewrite is enabled (sudo a2enmod rewrite).
  • SSL certificate error: Verify that your SSL certificate is properly installed.
  • .htaccess ignored: Set AllowOverride All in Apache configuration.
  • Infinite redirect loop: Clear browser cache and check for identical redirect rules in configuration files.
  • Check the Apache logs for details by running the following command:
    sudo tail -f /var/log/apache2/error.log

Conclusion

In this manner, redirecting HTTP to HTTPS in Apache ensures your website remains safe, professional, and search-engine-friendly.
You can enforce SSL and secure your visitors’ data using either the Virtual Host or .htaccess method. If you encounter any issues, our support team is always available to assist you.

Configuring HTTPS for your website?
For full control over SSL and server configuration, consider using a Linux VPS with dedicated resources.

Planning to secure your Joomla site too? Learn How to migrate a Joomla site from HTTP to HTTPS

Spread the love