Redirecting requests to https:// (SSL)

Once you have an SSL certificate for your website, it is important that the entire website traffic will be redirectd to https://.

This can be done by activating the redirection to https:// in the vHost area, or by creating a rewrite rule in a .htaccess file.

What is required

• A Let's Encrypt certificate for your domain.
  This can be purchased / activated in the vHost area under HTTPS (SSL/TLS).
• 10 minutes after SSL activation, the option to redirect to https:// becomes available.
• You can now enable redirection to https:// by clicking on "aktivieren" at the option "Umleitung auf https://"

  

An alternative are rewrite rules that you store via FTP in a .htaccess file in the document root of the respective website.

variant 1

RewriteEngine on 
RewriteCond %{ENV:HTTPS} !=on 
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

variant 2

RewriteEngine on 
RewriteCond %{HTTP:X-Forwarded-Proto} !https 
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Variant 1 and 2 work well, but are not as efficient as the redirection in the vHost area, since the request must first be passed through to the web server and processed there (this costs valuable time).

The redirection to https:// in the vHost area takes effect much earlier, namely at the point where requests enter to the hosting system first: at the load balancers. This makes it possible to create a far more efficient type of redirection, in which incoming requests do not first have to be routed to the web server, processed there and then sent back all the way from the web server. A lot of time is lost here, especially when processing the rules in .htaccess files.