Duplicate HTTP and HTTPS in Drupal 7

NEWS / Posted on the 09 November 2018

If you are using an SSL certificate on your Drupal 7 website you may have an issue whereby you can access your site via both the HTTP and HTTPS url. This can cause problems for your website with search engines as it is creating duplicates of your pages. You will need to redirect your HTTP url to HTTPS.

Why should your website use HTTPS? HTTPS is most commonly used where sensitive information is sent to a website and if that information were to be intercepted it would be a problem for the user. This information is typically one of the following:

  • Credit cards
  • Cookies such as PHP session cookies
  • Passwords and usernames
  • Identifiable information (name, address, email address, passport number, driving license, national insurance number etc.)
  • Confidential content

To avoid compromising your web site and protecting sensitive information it is recommended that your website uses HTTPS. To do this you will need to install an SSL certificate on your website.

Most users will not be able to tell the difference between an HTTP and HTTPS website. In fact the only noticable difference on the front end of the website is that the URL in the address bar will be https://yourwebsite.com instead of http://yourwebsite.com and a small padlock icon next to it.

To redirect your website from HTTP to HTTPS simply insert the following code in your .htaccess file:

# Redirect to HTTPS
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

That's it! Test it and you're good to go.

Manchester skyline
Centre for Cities
We take leading role in Government initiative
01 September 2009
Frontier Performance logo
A new frontier
New logo design for Exeter based personal training company
13 May 2016