Site Owners should force all connections to use HTTPS

Site Owners: If your website doesn't use SSL, you're going to lose your search engine rankings and the latest web browsers will warn visitors your site is not secure. I recommend you add two lines to your Apache .htaccess to force all connections to use HTTPS:

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Certificates are pretty inexpensive, and you can even get free ones. The only downside with Let's Encrypt certificates is you have to renew them multiple times a year, but it is free! I wrote a script to automate my renewals, and then I just check to make sure it completes successfully. Note: regardless of your expiration date, you want to run your CRON at least weekly, if not daily, just to check if there was a revocation issued by the CA!
Here's a link to a free Certificate Authority:
    Gary Wright II

    Gary Wright II

    Brindlee Mountain, Alabama
    President & Chief Executive Officer of Clever Things, LLC

    Commenting only available for logged in users