• Article for your preferred language does not exist. Below is international version of the article.

Article ID: 112135, created on Aug 30, 2011, last review on Dec 18, 2016

  • Applies to:
  • Plesk for Linux/Unix
  • Plesk for Windows


How do I force all visitors of my website to use secure connection (HTTPS)?


For Plesk 12.5 and lower:


  1. Make sure that mod_rewrite Apache module is enabled:

    # httpd -t -D DUMP_MODULES | grep rewrite
    Syntax OK
     rewrite_module (shared)

    or go to Home > Tools & Settings > Apache Web Server

  2. Create file .htaccess in document root of the domain and put following configuration inside:

    <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteCond %{HTTPS} !=on
        RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,QSA]


Go to Plesk > Domains > example.com > Websites & Domains > Web Server Settings (or Apache & nginx Settings) and add above configuration to Additional directives for HTTP. Refer this KB article to find more information about configure redirects in Plesk.

If nginx is enabled and static files are processed directly by nginx add the following rule in Plesk > Domains > example.com > Apache & nginx Settings > Additional nginx directives:

if ($ssl_protocol = "") {
 rewrite ^/(.*) https://$server_name/$1 permanent;


Follow the steps from this article.


Create file web.config in document root of the domain and put following configuration inside:

<?xml version="1.0" encoding="UTF-8"?>
                <rule name="http to https" stopProcessing="true">
                    <match url="(.*)" />
                        <add input="{HTTPS}" pattern="^OFF$" />
                    <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Temporary" />

For Plesk Onyx:

Go to Plesk > Subscriptions > example.com > Hosting Settings > under Security section click on Permanent SEO-safe 301 redirect from HTTP to HTTPS. More details about this new feature in Plesk Onyx are available in Plesk Administrator's Guide.

Search Words

force https

force secure connection

redirection from http to https

http to https


a914db3fdc7a53ddcfd1b2db8f5a1b9c 29d1e90fd304f01e6420fbe60f66f838 56797cefb1efc9130f7c48a7d1db0f0c 85a92ca67f2200d36506862eaa6ed6b8

Email subscription for changes to this article
Save as PDF