FORCE HTTPS

Avatar
  • updated
  • Answered

this is my htaccess in cpanel. but this is not working. website still says not secure


# -- concrete5 urls start --


RewriteEngine On
RewriteCond %{HTTP_HOST} sunnywoodrice\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://sunnywoodrice.com/https://sunnywoodrice.com/$1 [R,L]

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}/index.html !-f
RewriteCond %{REQUEST_FILENAME}/index.php !-f
RewriteRule . index.php [L]

# -- concrete5 urls end --

Avatar
IMH Support Agent 2
  • Answered

Hello Amber,


Thanks for the question about your site not being secure after forcing the HTTPS.  Quite often the issue is that you have code in your site that is referencing a URL that is not secure.  So, even if your site is using the SSL certificate, you may have portions of it referencing something that is not being covered by the SSL certificate.  This will lead to a site being shown as "NOT SECURE."  One of the best tools for checking this is a website called https://whynopadlock.com.  I checked your website with this tool and found a bunch of URLs that were pointing to an image using an unsecured link.  The tool is free and will help you to pinpoint where the problems are.  You will need eliminate all of those insecure references in order for the site to be listed as "secure."


If you have any further questions or comments, please let us know.


Kindest regards,

Arnel C.