If you’re running a site on Apache and need to force all traffic over to HTTPS, you can do it with a simple .htaccess rewrite rule. This is one of those things you set up once and forget about, but it’s important to get right — especially if you’re serving mixed content or have just installed an SSL certificate.

Add the following to your .htaccess file in the web root:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

This checks if the request came in on port 80 (plain HTTP) and redirects it to the HTTPS version. Replace www.example.com with your actual domain. If you want a permanent redirect (which is better for SEO), change [R,L] to [R=301,L].

This approach works on shared hosting where you don’t have access to the main Apache config. If you do have access to the vhost config, it’s generally better to handle the redirect there instead.