Are you planning to secure your website with an SSL certificate and migrate it to HTTPS? Then take this blog by your side to understand the minor details.

1. How to Redirect HTTP to HTTPS
in htaccess?
Introduction:
SSL stands for “Secure Sockets Layer.”
The SSL certificate is a digital certificate necessary to
validate your website’s identity and authenticity. SSL is a
security protocol having the power to create and establish an
encrypted connection between a web server and a web
browser.
As a standard practice, SSL must be installed on your
website to safeguard and secure any sensitive data
exchanged between the two systems. With SSL installed, you
can keep cyber criminals at bay and prevent them from
reading and modifying the transferred data.
Why must I encrypt my website with an SSL certificate?
Most website owners would have this question. You must install an
SSL certificate if your site visitors are paramount to your business.
Installing an SSL certificate will let the search engines know that
your site establishes a secured connection when accessed. Hence,
they will not mistake your website for scams or phishing.
As a business owner, your company’s brand image, online
reputation, and customers’ trust depend on the authenticity of your
website.
Web browsers often show unsecured connection warnings if your
website doesn't have an SSL certificate. So it becomes extremely
important to redirect your website from (unsecured) HTTP to
(secured) HTTPS. If you also have plans to migrate your website to
HTTPS, this blog is for you.
Also Read: How To Upload Website Files and Database Using
cPanel
What is HTTPS?

2. Let’s begin by understanding HTTP before knowing HTTPS.
HTTP stands for Hypertext Transfer Protocol which is the base
of the World Wide Web (WWW). HTTP is an application layer
protocol that transfers information between the server and the
client machines. Unfortunately, HTTP is not a secure protocol that
can establish a safe connection between the client and the server.
So the experts developed a secured version of HTTP and named
it HTTPS - Hypertext Transfer Protocol Secure. HTTPS is the
primary protocol for exchanging information between a web browser
(client) and a website (server).
HTTPS establishes an encrypted connection which improves your
security during data transfer.
Also Read: Best Practices To Secure Your Website
Why Must I Use HTTPS on My Website?
When you see a Padlock icon followed by HTTPS in the address bar
of a web browser, it means that SSL Certificate has been installed
on the website you are accessing. It also means that the SSL
protocol will be used during the data exchange between the website
(server) and the web browser (client) accessing that website.
The following images will give you an idea:

3. HTTP to HTTPS redirection - The
Complete Process.

4. We will connect with 5 variations of redirecting HTTP to HTTPS.
During this discussion, we will consider the following 2 aspects:
 Use mydomain.com as an example.
 Use the .htaccess file in the cPanel for redirection purposes.
Also Read: How to Add a New Domain To Cpanel?
Let us first find the .htaccess file in the cPanel.

5.  Log in to your cPanel
 Go to Files and click on the File Manager from the group of
icons.
 You should select the option - ‘Document Root for.’ You can
either select the domain name from the available drop-down
menu OR click on the ‘Settings’ at the top right-hand side of
the page. Click on Settings if you have only 1 website.

6.  Now locate the .htaccess file.
 As the .htaccess file remains hidden, you must click on the
“Show Hidden Files (dotfiles)” checkbox.
 Once the .htaccess file becomes visible, right-click on it and
select Edit.

7.  In the next pop-up, again click on Edit.
Also Read: How to Take Backup of Emails from cPanel
Important Notes:
Before editing the code in the .htaccess file, here are a few
important points to remember.
 You must store your .htaccess file in the Root Folder OR in the
same folder where your website is present.
 In the .htaccess file, search for the phrase 'RewriteEngine
On.' If it already exists, add the following relevant code(s)
right after it. Do not repeat RewriteEngine ON.
 You must type your domain name instead of the example -
mydomain.com.
Types of Website Redirection
Before we dive deep into knowing the different variations of
migrating HTTP to HTTPS, let us first understand the types of
website redirections.
There are 2 types of redirections:
 Permanent Redirection: With Status Code 301.
 Temporary Redirection: With Status Code 302.
Search Engines and web browsers deal with each of these
redirection types differently.
Permanent Redirection: With Status Code 301.

8. As the name suggests, Status Code 301 directs the search engine
that the website has permanently moved to a new location. Hence,
it must consider only the new location for crawling and indexation
purposes.
Similarly, Status Code 301 will direct the web browser to cache
(store) the new URL and prioritize it over the older URL. This will
help access the webpage faster.
Temporary Redirection: With Status Code 302.
Contrary to Permanent Redirection, Status Code 302 tells the
search engine that the website has temporarily moved to a new
location. Hence, it must consider both the locations parallelly while
crawling and indexing the web pages. It also suggests that the older
URL, in any case, will stand valid.
Status Code 302 will direct the web browser to cache (store) only
the old URL. The redirection will happen every time the old URL
receives an access request. This is a time-consuming process, and
experts don’t recommend it.
The Drawback of Status Code 302:
Continuing with a 302 redirection for a longer period can
significantly impact search engine rankings.
Since both http://mydomain.com and https://mydomain.com are
indexed individually by search engines, all site requests get divided
between URLs during the HTTP to HTTPS redirection process. Hence,
we suggest Status Code 301 in major cases.
Also Read: How to upload Laravel Project on Shared
Hosting With cPanel?
.htaccess Code for migrating HTTP to
HTTPS.
Variation 1 - without WWW
Code for a non-www type of website:
Start below “RewriteEngine On”
RewriteCond %{HTTPS} off
RewriteRule
^(.*)$ HTTPS://mydomain.com%{HTTP_HOST}%{REQUEST_URI}
[L,R=301]
Variation 2 - with WWW
Code for a www type of website:

9. Start below “RewriteEngine On”
RewriteCond %{HTTP_HOST} !^www.mydomain.com [NC]
RewriteRule ^
HTTPS://www.mydomain.com %{HTTP_HOST}%{REQUEST_URI}
[L,R=301]
RewriteCond %{HTTP:X-Forwarded-Proto} !HTTPS
RewriteCond %{HTTPS} off
RewriteRule ^
HTTPS://mydomain.com %{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Variation 3 - Redirecting all your web traffic
Code for all web traffic redirection:
Start below “RewriteEngine On”
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ HTTPS://www.yoursite.com/$1 [R,L]
Variation 4 - Redirecting a selected Domain
Code for specific Domain (from multiple domains) redirection:
Start below “RewriteEngine On”
RewriteCond %{HTTP_HOST} ^mydomain.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ HTTPS://www.mydomain.com/$1 [R,L]
Variation 5 - Redirecting a selected Folder or a Webpage
Code for a specific Folder redirection:
Start below “RewriteEngine On”
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} folder
RewriteRule ^(.*)$ HTTPS://www.mydomain.com/folder/$1
[R,L]
Also Read: What is FTP & How to Create an FTP Account In
cPanel?
Conclusion
After reading through this informative blog, you will have a fair idea
about using the .htaccess file in your cPanel to redirect your
unsecured HTTP website to a secured HTTPS.

10. Implementing one of the migration processes will help you establish
your website's authenticity with the search engines and develop
trust within your users when they perform sensitive data
transactions on your website.
On the whole, having the right SSL certificate installed on your
website places your brand in a better position than your competitors,
who still spend sleepless nights dealing with the issues of unsecured
websites. So go ahead and buy yourself an SSL certificate from Host
IT Smart and begin migrating to a secured HTTPS environment
today.
Source
https://www.hostitsmart.com/manage/knowledgebase/238/How-to-
Redirect-HTTP-to-HTTPS-in-htaccess.html