Products
Support
Control Panel
Webmail
To ensure that visitors always access your Website Builder site over HTTPS, all you need to do is to publish and you are set. We take care of the rest in the background.
If you get a warning about overwriting a .htaccess file or you want to know what happens in the background, continue reading.
- How are visitors forced to always access my site via HTTPS?
- I am asked whether to overwrite an existing .htaccess file; should I?
- I (re)published my site, but HTTPS still isn't working
Don't have access to Website Builder? You can try it out for free for 14 days and create a website in no time. Start your free trial now
How are visitors forced to always access my site via HTTPS?
SSL is by default enabled on all domains hosted with one.com, making it possible for your visitors to access your site via the secure HTTPS. However, it doesn't mean that they have to use HTTPS; if someone tries to access your site via the insecure HTTP, they would also be able to.
To ensure that visitors only use HTTPS we add a "rewrite" configuration to a file called ".htaccess", redirecting all insecure requests automatically to HTTPS. That way, it doesn't matter how someone tries to access your site, it will always be done over a secure connection.
So what happens in the background when you publish your site, is that we create that .htaccess file on your webspace. See the screenshot below for an example of the file.
I am asked whether to overwrite an existing .htaccess file; should I?
If you already have a .htaccess file on your webspace, and you try to publish your website in Website Builder, you'll get a warning message asking if you want to overwrite the existing file.
Whether you want to do this, depends on what's in your current .htaccess file. You can check this via File Manager. Reasons, why you have an existing .htaccess file, could be because you've added password protection, installed WordPress or already added a rewrite to HTTPS.
If you are in doubt, it's better to leave it and simply add the rewrite configuration manually to the existing file.
Check this guide for more information: How do I force visitors of my site to always use HTTPS?
I (re)published my site, but HTTPS still isn't working
If HTTPS isn't working, for example, if you get an error when you try to access your site with "https://" in the address bar, this might be because SSL isn't properly activated.
Please contact our chat support to have this checked and fixed.
Related articles: