Last active
October 1, 2019 18:34
-
-
Save KryptikOne/26958db62e2401e6413146ece27d6c2f to your computer and use it in GitHub Desktop.
HTACCESS rules for the default WordPress htaccess to upgrade HTTP requests to HTTPS and set HSTS header
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Setting HSTS Header so https takes precedence (set to 1 year) | |
| Header set Strict-Transport-Security "max-age=31536000" env=HTTPS | |
| # BEGIN HTTPS Upgrade | |
| <IfModule mod_rewrite.c> | |
| RewriteEngine On | |
| RewriteBase / | |
| RewriteCond %{ENV:HTTPS} !=on | |
| RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L] | |
| # BEGIN WordPress | |
| RewriteRule ^index\.php$ - [L] | |
| RewriteCond %{REQUEST_FILENAME} !-f | |
| RewriteCond %{REQUEST_FILENAME} !-d | |
| RewriteRule . /index.php [L] | |
| # END WordPress | |
| </IfModule> | |
| # END HTTPS Upgrade |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment