Force SSL for all websites

J

Jeroen Maas

Registered
May 28, 2017
4
1
3
Netherlands
cPanel Access Level
Root Administrator
Is it possible to force all cpanel hosted websites to run on HTTPS only? I know i can do it on a website basis using custom .htaccess. But is there a "global" way using WHM?

Regards,

Jeroen Maas
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,226
463
  • Like
Reactions: Jeroen Maas
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,226
463
I'm happy to see it works as intended. Thank you for updating us with the outcome.
 
delia

delia

Member
Feb 11, 2008
21
1
53
cPanelMichael said:
Hello Jeroen,

You could setup a custom Mod_Rewrite rule that redirects non-SSL requests to the SSL version of the website and then ensure it's applied to all virtual hosts using the instructions for "Apply to all virtual hosts on the system" and "Without SSL" on the following document:
Click to expand...
Okay, so that is a wow! Please confirm that if you want all sites to use SSL that you choose the without SSL. That is counter intuitive to me! Are there any gotchas in this? There are sites already doing a forced redirect with the addition of force non to www. I'm having so much trouble getting these to work using cPanel redirects that I'm a bit hesitant to play with it server wide but this could be a major solution for me as long as I don't have sites going down all over the place.
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,226
463
delia said:
Please confirm that if you want all sites to use SSL that you choose the without SSL
Click to expand...
Right, you'd use the "Without SSL" instructions to apply the rules in your custom include file to access attempts made using "http" and not "https". There's always a potential for custom Mod_Rewrite rules to conflict with the website's script. You may want to test the rules on individual virtual hosts first to make sure they don't lead to any issues accessing the websites.

Thank you.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
N Hostname Force SSL Security 1
G SOLVED SSL expired, how to force renewal? Security 18
J Force SSL certificate install Security 7
B Lets Encrypt - New Accounts Forces SSL Security 1
Rogerio Force regenerate server's SSL certificate Security 1
Similar threads
Hostname Force SSL
SOLVED SSL expired, how to force renewal?
Force SSL certificate install
Lets Encrypt - New Accounts Forces SSL
Force regenerate server's SSL certificate
Top Bottom