How to Force HTTPS Using cPanel

Once your SSL certificate is installed, you should force all visitors to use the secure HTTPS version of your site. This prevents visitors from accidentally accessing the unsecured HTTP version. dotCanada offers a couple of ways to do this from cPanel.

Method 1: Using the Force HTTPS Toggle

Some cPanel configurations include a simple toggle to force HTTPS:

1. Log in to cPanel and go to the Domains section.
2. Click Domains.
3. Find your domain in the list and toggle the Force HTTPS Redirect switch to on.
4. The redirect will take effect immediately.

Method 2: Using an .htaccess Redirect

If the toggle is not available, you can add a redirect rule to your .htaccess file manually:

1. Go to File Manager in cPanel and navigate to your public_html folder.
2. Open .htaccess for editing (enable hidden files if you cannot see it).
3. Add the following code near the top of the file, before any existing WordPress or application rules:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Important Notes

• Make sure your SSL certificate is active and working before enabling HTTPS redirection. Visitors will get a browser error if the certificate is missing or invalid.
• A 301 redirect (permanent) is best for SEO - it tells search engines the HTTPS version is the canonical URL.
• After enabling the redirect, test your site by visiting the http:// version and confirming it redirects properly.

For help setting up HTTPS redirects, contact our support team.