Magento Tutorials

How to Force Magento 1 & 2 to Use HTTPS

magento-force-https

You have set up your Magento site to use HTTPS, but users can still visit your site through non-secure URLs. To force HTTPS on all of the pages on your frontend, please follow these below steps.

In Magento 1:

  1. Log in your Magento backend. Go to System > Configuration.
  2. Under General section, select Web. Then, in the Secure section, change the Base URL to https://yourdomain.com/
    Magento Base URL
  3. Change the value of Use Secure URLs in Frontend and Use Secure URLs in Admin options to Yes. Then click Save Config.
  4. Clear Magento cache.

In Magento 2:

  1. Log in your Magento backend. Go to Stores > Settings > Configuration.
    configuration menu
  2. Under General section, select Web. Then, in the Base URLs (Secure) section, change the Secure Base URL to https://yourdomain.com/
    Magento 2 Base URL
  3. Change the value of Use Secure URLs on Storefront and Use Secure URLs in Admin options to Yes. Then click Save Config.
  4. Clear Magento cache.

 

Hope that helps!



SEE MORE:



How to Force Magento 1 & 2 to Use HTTPS
5 (100%) 3 vote[s]
1 Comments

Dom

A knowledge craver who always strive to be wiser everyday.

    1 Comments

    1. Glauco
      05/15/2019 at 12:09 am

      This didn’t work for me in Magento 2. It sets a preference for https, but doesn’t force it, meaning people can still access the pages via http by simply removing the “s” from the URL. I had to add this code in .htaccess:

      RewriteEngine On
      RewriteCond %{HTTPS} off
      RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

      This was the only way to really force it for me.

    Leave a Comment

    Your email address will not be published. Required fields are marked*