Force Redirect HTTP to HTTPS and Fix insecure Contents .htaccess or Nginx config
![Force Redirect HTTP to HTTPS and Fix insecure Contents .htaccess or Nginx config](/img/force-ssl-http-https-contents.jpg)
Here is the .htacess code for force HTTP to HTTPS and fix the insecure content header.
This rule Force users redirect HTTP TO HTTPS .htaccess code
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
This rule Force domain name WWW to non-WWW. Replace example.com to your domain name. this is .htaccess code
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.example.com [NC]
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]
This rule Force domain name non-WWW to WWW
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301,NC]
the content such as images, javascript from third-party websites might make a warning issue in browser.
This code Fix SSL Mixed Content Warnings .htaccess code
<IfModule mod_headers.c>
Header always set Content-Security-Policy "upgrade-insecure-requests;"
</IfModule>
or Nginx code fix SSL mixed content warning. open nginx.conf
add_header Content-Security-Policy "upgrade-insecure-requests;"
Below is all the options to force SSL on your website.
This article published on :