Site Owners should force all connections to use HTTPS

Site Owners: If your website doesn't use SSL, you're going to lose your search engine rankings and the latest web browsers will warn visitors your site is not secure. I recommend you add two lines to your Apache .htaccess to force all connections to use HTTPS:

 
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
 
Certificates are pretty inexpensive, and you can even get free ones. The only downside with Let's Encrypt certificates is you have to renew them multiple times a year, but it is free! I wrote a script to automate my renewals, and then I just check to make sure it completes successfully. Note: regardless of your expiration date, you want to run your CRON at least weekly, if not daily, just to check if there was a revocation issued by the CA!
 
Here's a link to a free Certificate Authority: letsencrypt.org
Gary Wright II

Gary Wright II

President & Chief Executive Officer of Clever Things, LLC
About Me

Human Rights Activist and Corporate Executive

Commenting only available for logged-in users

Geek Food

Geek Food

Geek Food - Technology and Engineering

Archives