Redirect from HTTP to HTTPS your website
Learn how and why you should redirect your website from HTTP to HTTPS
Whether you are looking for a temporary redirect or a permanent one, we are here to help.
With Bunnyshell it's easier than ever to redirect your website from HTTP to HTTPS. It's effortless and it spares you the trouble of logging into your server and doing all the work manually.
What is HTTP?
The Hypertext Transfer Protocol (HTTP) is the foundation of the World Wide Web, and is used to load web pages using hypertext links. HTTP is an application layer protocol designed to transfer information between networked devices and runs on top of other layers of the network protocol stack. A typical flow over HTTP involves a client machine making a request to a server, which then sends a response message.
HTTP can be leveraged by cyber attackers using techniques like HTTP smuggling.
What is HTTPS?
Hypertext transfer protocol secure (HTTPS) is the secure version of HTTP, which is the primary protocol used to send data between a web browser and a website. HTTPS is encrypted in order to increase security of data transfer. This is particularly important when users transmit sensitive data, such as by logging into a bank account, email service, or health insurance provider.
Any website, especially those that require login credentials, should use HTTPS. In modern web browsers such as Chrome, websites that do not use HTTPS are marked differently than those that are. Look for a green padlock in the URL bar to signify the webpage is secure. Web browsers take HTTPS seriously; Google Chrome and other browsers flag all non-HTTPS websites as not secure.
What is the difference between HTTP and HTTPS?
Technically speaking, HTTPS is not a separate protocol from HTTP. It is simply using TLS/SSL encryption over the HTTP protocol. HTTPS occurs based upon the transmission of TLS/SSL certificates, which verify that a particular provider is who they say they are.
When a user connects to a webpage, the webpage will send over its SSL certificate which contains the public key necessary to start the secure session. The two computers, the client and the server, then go through a process called an SSL/TLS handshake, which is a series of back-and-forth communications used to establish a secure connection. To take a deeper dive into encryption and the SSL/TLS handshake, read about what happens in a TLS handshake.
How can you tell the difference between these two?
If you're website is not secured, the first warning will be displayed on your webpage - the red triangle indicating that your connection is not private, followed by a short explanation. There are, obviously ways to bypass this and proceed to your website, but this is not something we recommend.
The second indicator is if you lack the lock on your address bar, which is also further explained by your browser if you click on the space before your address.
How do I know my connection is secure?
There are multiple signs to let you know your website is safe to use.
- First one is the lock next to your link.
- The second one is the https:// added to your link. While nowadays most websites just display the name of the website (E.g: Google.com), if you just click on your link the https:// should easily appear.
Redirect your HTTP to HTTPS from Bunnyshell dashboard
- Go to your apps, by pressing on Applications from the left side menu bar.
- Now click on the application you wish to add HTTPS redirect for
- Once in that application's menu go to the Settings tab
- While in this tab, you have multiple options you can choose from. If you want to select Temporary/Permanent redirect, just toggle the bar and this will make all the changes you need.
- Once you made all the changes you wish, click on Apply Site Settings which will send the new changes into production.