WordPress fast redirect from HTTP to HTTPS

If most of your visitors come from Google (organic) or social media, they are probably visiting the HTTPS version directly.

But what if there are visitors who visit your site directly?

In my case, I usually type “igu”, o it suggests "iguru.gr" and I press enter.

By default, the browser sends the request to "https://iguru.gr" and later redirects it to "https://iguru.gr".

Why redirecting from HTTP to HTTPS is ;

If you have configured https in WordPress settings, then WP will take care of the redirection. This will be done by PHP. However, depending on the hosting provider and the speed of the server, redirection via PHP can be slow. So it is better to disconnect it from PHP.

Let's see what we can do.

Set up Web Server to redirect to HTTPS

Setting up a Web Server like Nginx / Apache / LiteSpeed ​​for redirect will always do it faster than PHP.

Apache / LiteSpeed

If you have Apache or LiteSpeed ​​Web Server, add the following source code to the .htaccess file:


Nginx

In Nginx, add the following setting:

server { listen 443 ssl; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" ; }

If you use Cloudflare, things are very easy. From the SSL / TLS - Edge Certificates settings, enable the "Always Use HTTPS" option.

Optionally, select the "Automatic HTTPS Rewrites" option.

Or you can also add a meta tag to tell the program ς να χρησιμοποιεί HTTPS για όλα τα αιτήματα μέσα σε μια .


Enable HSTS

HSTS or HTTP Strict Transport Security is a response header.

Simply put, it tells the browser "this site will have HTTPS for so many days, so use HTTPS by default".

So the next time someone enters "iguru.gr" or "https://iguru.gr", the browser will open directly "https://iguru.gr".

Apache / LiteSpeed

Add the following code to the .htaccess file:


Nginx

In Nginx, add the following setting:

server {listen 443 ssl; add_header Strict-Transport-Security "max-age = 31536000; includeSubDomains" always; }

Cloudflare

From the SSL / TLS - Edge Certificates settings enable HTTP Strict Transport Security (HSTS)

Enter the following settings:


Verify HSTS

You can check if it works or not by checking the response header:

You can also visit the page https://hstspreload.org/ to check the same.

Submit to the Chrome HSTS list

Even if you have HSTS enabled, the user visiting your site for the first time will have a redirect from HTTP to HTTPS.

But Chrome maintains a list of HSTS-enabled sites in the browser (and other browsers use the same list). So if your site is added to this list, no redirect is needed anymore!

From address https://hstspreload.org/ submit your domain.

and

Then click Submit and wait for it to be added to the Chrome hardcoded list.

Are you ready!

 

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).