• Article for your preferred language does not exist. Below is international version of the article.

Article ID: 112135, created on Aug 30, 2011, last review on Jun 24, 2016

  • Applies to:
  • Plesk for Linux/Unix
  • Plesk for Windows


How do I force all visitors of my website to use secure connection (HTTPS)?



  1. Make sure that mod_rewrite Apache module is enabled:

    # httpd -t -D DUMP_MODULES | grep rewrite
    Syntax OK
     rewrite_module (shared)
  2. Create file .htaccess in document root of the domain and put following configuration inside:

    <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteCond %{HTTPS} !=on
        RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,QSA]


Go to Plesk > Domains > example.com > Websites & Domains > Web Server Settings and add above configuration to Additional directives for HTTP. Refer this KB-article to find more information about configure redirects in Plesk

If nginx is enabled and static files are processed directly by nginx add the follwoing rule in Plesk > Domains > example.com > Apache & nginx Settings > Additional nginx directives:

rewrite ^(.*) https://$server_name$1 permanent;


Follow the steps from this article.


Create file web.config in document root of the domain and put following configuration inside:

<?xml version="1.0" encoding="UTF-8"?>
                <rule name="http to httpos" stopProcessing="true">
                    <match url="(.*)" />
                        <add input="{HTTPS}" pattern="^OFF$" />
                    <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Temporary" />

Search Words

force https

force secure connection

redirection from http to https

http to https


a914db3fdc7a53ddcfd1b2db8f5a1b9c 29d1e90fd304f01e6420fbe60f66f838 56797cefb1efc9130f7c48a7d1db0f0c 85a92ca67f2200d36506862eaa6ed6b8

Email subscription for changes to this article
Save as PDF