Forcing or redirecting your visitors to https automatically is the best way to make sure that your website can only accessed through SSL and that all traffic to and from your website is secured. We recommend that all customers who use SSL make sure that their sites contain one of the below rules.

IIS - web.config or Helicon Ape

For URL Rewrite, add the following rewrite rule to your web.config file's <system.webServer> section.

<rewrite> <rules> <rule name="ACME / Let's Encrypt Verification" stopProcessing="true"> <match url="^\.well-known(.*)" /> <action type="None" /> </rule> <rule name="HTTP to HTTPS Redirect" stopProcessing="true"> <match url="(.*)" /> <conditions> <add input="{HTTPS}" pattern="off" ignoreCase="true" /> </conditions> <action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" /> </rule> </rules> </rewrite>

For Helicon Ape, add these lines to the .htaccess file in your wwwroot under the RewriteEngine On directive

RewriteEngine On RewriteCond %{HTTPS} !on RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Apache - .htaccess

Add these lines to your site's root .htaccess file directly under the RewriteEngine On directive

RewriteEngine On RewriteCond %{HTTPS} !on RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}