How to Fix HTTP to HTTPS Redirect

Why redirect HTTP to HTTPS?

No redirect? Then anyone typing http://yoursite.com or following an old link stays on HTTP. You get unencrypted traffic, “Not Secure” in the browser, and split SEO, Google might index both versions. A 301 sends everyone to HTTPS, keeps data encrypted, and pulls ranking signals onto the secure URL.

How to redirect HTTP to HTTPS in Nginx

Add a server block for port 80 that 301s to HTTPS. Swap example.com for your domain.

1. Open your Nginx config (e.g. /etc/nginx/sites-available/default or a site-specific file).
2. Add this server block (or update the existing one for port 80):

server {
  listen 80;
  server_name example.com www.example.com;
  return 301 https://$host$request_uri;
}

$host is the hostname, $request_uri is path and query, so the redirect keeps the same URL, just on HTTPS.

3. Test the config: sudo nginx -t
4. Reload Nginx: sudo systemctl reload nginx (or sudo service nginx reload)

How to redirect HTTP to HTTPS in Apache (.htaccess)

If you use .htaccess, add these lines. Ensure mod_rewrite is enabled.

1. Open the .htaccess file in your site’s root (e.g. public_html).
2. Add or merge this block:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Save the file. If you edit the main Apache config instead, restart Apache after changes (sudo systemctl restart apache2 or sudo service apache2 restart). If your server is behind a proxy or load balancer that terminates SSL, %{HTTPS} may always be off; in that case use RewriteCond %{HTTP:X-Forwarded-Proto} !https instead.

How to redirect HTTP to HTTPS in Cloudflare

With Cloudflare you can do the redirect at the edge, so your origin doesn’t have to.

1. In the Cloudflare dashboard, select your domain.
2. Go to SSL/TLS → Edge Certificates.
3. Turn on Always Use HTTPS. Cloudflare will redirect all HTTP requests to HTTPS with a 301 (permanent) redirect at the edge, no origin redirect needed (and Cloudflare recommends not redirecting at the origin to avoid loops).
4. If you need a custom rule (e.g. only certain paths): go to Rules → Redirect Rules → Create rule, match HTTP requests, and set the target URL to preserve host and path (e.g. dynamic target https://${host}${uri} or your dashboard’s equivalent), with status 301.

How to redirect HTTP to HTTPS in WordPress

First switch the site URL to HTTPS in WordPress; then make sure the server or a plugin actually redirects HTTP to HTTPS.

1. Log in to the WordPress dashboard.
2. Go to Settings → General.
3. Set WordPress Address (URL) and Site Address (URL) to https://yourdomain.com.
4. Click Save Changes.
5. Ensure the HTTP→HTTPS redirect is in place: your host may do it automatically, or use a plugin like Really Simple SSL. If you manage the server, use the Nginx or Apache steps above.