Magento Tutorials

How to Force Magento 1 & 2 to Use HTTPS

magento-force-https

You have set up your Magento site to use HTTPS, but users can still visit your site through non-secure URLs. To force HTTPS on all of the pages on your frontend, please follow these below steps.

In Magento 1:

  1. Log in your Magento backend. Go to System > Configuration.
  2. Under General section, select Web. Then, in the Secure section, change the Base URL to https://yourdomain.com/
    Magento Base URL
  3. Change the value of Use Secure URLs in Frontend and Use Secure URLs in Admin options to Yes. Then click Save Config.
  4. Clear Magento cache.

In Magento 2:

  1. Log in your Magento backend. Go to Stores > Settings > Configuration.
    configuration menu
  2. Under General section, select Web. Then, in the Base URLs (Secure) section, change the Secure Base URL to https://yourdomain.com/
    Magento 2 Base URL
  3. Change the value of Use Secure URLs on Storefront and Use Secure URLs in Admin options to Yes. Then click Save Config.
  4. Clear Magento cache.

 

Hope that helps!



SEE MORE:



1 Comments

Dom

A knowledge craver who always strive to be wiser everyday.

    avatar
    1 Comment threads
    0 Thread replies
    0 Followers
     
    Most reacted comment
    Hottest comment thread
    1 Comment authors
    Glauco Recent comment authors
      Subscribe  
    newest oldest most voted
    Notify of
    Glauco
    Guest
    Glauco

    This didn’t work for me in Magento 2. It sets a preference for https, but doesn’t force it, meaning people can still access the pages via http by simply removing the “s” from the URL. I had to add this code in .htaccess:

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    This was the only way to really force it for me.