Why should you use force HTTPS on your website?

Using HTTPS instead of HTTP means that communications between your browser and a website is encrypted via the use of an SSL (Secure Socket Layer). Even if your website doesn’t handle sensitive data, it’s a good idea to make sure your website loads securely over HTTPS. It’s now becoming a requirement for many new browser features as well as having an impact on search engine rankings.

To make sure your website loads securely, you need to make sure that it is prefixed with HTTPS instead of HTTP. This can be done in a few different ways. Outlined below are the most common ways to do this.

Use the Force HTTPS tool (easy)

• Log in to My Black Owl and head to Manage Hosting and select Manage on the package you want to force HTTPS for.
• Select the SSL/TLS icon.
• Select Enable Force HTTPS. This will redirect website users to HTTPS. As long as the website has an SSL certificate and all content loads via HTTPS, the site should show as secure.

Using a .htaccess file (more complex)

Another way that has the potential for more specific configuration is to use a .htaccess file rule. If you don’t have a .htaccess file, you can create one via FTP or File Manager and then add the code:

RewriteEngine On
RewriteCond %{env:HTTPS} !on
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

If you already have a .htaccess file then make sure you don’t duplicate the line:  RewriteEngine On

If after enabling force HTTPS the website shows insecure, then you’ll need to make sure that:

• You have an SSL certificate on the site
• You don’t have mixed content.

If you need any further support with getting SSL working correctly on your website, please feel free to raise a ticket with our support desk by emailing support@blackowl.co.uk..