Force SSL with .htaccess and Stop WordPress from Modifying it

Spread the love
  • 2
  •  
  •  
  •  
  •  
  •  
  •  
Rate this post

It’s 2017 and thanks to Let’s Encrypt, millions of websites owners were able to install free, automated, and open SSL certificates. Whether you got your SSL certificate from Let’s Encrypt or any other certificate, you will need to make sure that all traffic to your website is using SSL. For this purpose, I’ll show you how to force SSL with .htaccess and more importantly how to stop WordPress from modifying it.

Force SSL with .htaccess

Before editing your .htaccess file, go to your WordPress dashboard -> Settings -> General and make sure that you enter the HTTPS version of your website.

Force SSL with .htaccess

Once you’re done, download .htaccess file via FTP or edit it directly via your cPanel. Your default .htaccess file probably will look like:

# BEGIN WordPress

RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

You will need to add the following lines (make sure to replace https://yourdomain.com with your domain name).

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://yourdomain.com/$1 [R=301,L]

You can add them just after RewriteBase /. So the final result would be:

# BEGIN WordPress

RewriteEngine On
RewriteBase /
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://yourdomain.com/$1 [L,R=301,NC]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

Stop WordPress from Modifying

Now, all traffic to your website is using SSL. However, when you save your permalinks, WordPress will change the content of your .htaccess file and revert the edits you made from the previous steps.
To stop WordPress from modifying .htaccess file, add this line of code in your theme’s functions.php file:

add_filter('flush_rewrite_rules_hard','__return_false');

I hope this short guide helps you to force SSL with .htaccess easily. If you have any questions, please feel free to use the comments section below.

(Visited 191 times, 1 visits today)
  • 2
    Shares

Nagdy

I write about Multilingual WordPress, SEO, Website Performance. Also, I like answering WordPress question on Quora. When I have the time, I run online sessions to teach WordPress for my personal FB page fans!

ut id ut mattis sed diam

Pin It on Pinterest

Do you find this interesting?

Share it with your friends!