Blog

Blog

How to redirect website from HTTP to HTTPS using .htaccess

Chrome and Firefox showing the insecure warning on website without SSL certificate . Therefore, using an SSL-encrypted connection for safety of the website . It is very important to run website on HTTP to HTTPS.

Some time even SSL is activate on the website but it still showing in secure connection then we have to redirect it URL to HTTPS force fully

What is SSL?

Secure Sockets Layer (SSL) is a standard security technology for establishing an encrypted link between a server and a client in online communication

Editing .htaccess in cPanel File Manager

Note: Backup your website in case something goes wrong

  1. Login to cPanel
  2. Files > File Manager > Document Root for:
  3. Now select the domain name you want to access
  4. Check “Show Hidden Files (dotfiles)”
  5. Click “Go”
  6. After a new tab or window opens, look for the .htaccess file.
  7. Right click on the .htaccess file and click on “Code Edit” on the menu.
  8. Edit the file
  9. “Save Changes” when done
  10. Test your website to make sure it is done correctly. In case, there is an error, restore to the previous version and try again.

Redirecting HTTP to HTTPS

1. Redirect All Web Traffic

If you have existing code in your .htaccess, add the following:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

2. Redirect Only a Specific Domain

For redirecting a specific domain to use HTTPS, add the following:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourdomain\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

3. Redirect Only a Specific Folder

Redirecting to HTTPS on a specific folder, add the following:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} folder
RewriteRule ^(.*)$ https://www.yourdomain.com/folder/$1 [R,L]

Note: Replace “yourdomain” with your actual domain name wherever required. Also, in case of the folder, replace /folder with the actual folder name.

WordPress Security Plugins – Best Options For 2020

According to W3Techs web technologies surveys, WordPress currently powers nearly 27% of all websites. Moreover, wordpress acquires 76.4% market share in content management software usage as per Wappalyzer. Powering 30% of the top 10 million websites, also it controls more than 60% of the CMS platform market share.Therefore, one should be quite excited to have chosen WordPress for their initial websites. So we have gathered the top 5 wordpress security plugins for you.

Thus there is a plethora of plugins you can go for without any haste this year :

The following list comprises of wordpress security plugins with their respective motives. Generally some websites might be having advanced features with specific plugins and others might be good to go with plugins offered for beginners.

Top 5 wordpress security plugins :

1. Google Authenticator.
2. Hide my WP Ghost.
3. SecuPress.
4. Security Ninja.
5. Sheild Security.

1. Google Authenticator

google authenticator

Google Authenticator follows the two factor authentication (2FA). However it is implemented to ensure the security. It is far more secure than just a username and password. Also it allows you to set up a different method of authentication other than the former one.
Some of them can be:

1. A personalized question.
2. CAPTCHA.
3. QR code scanning.
4. OTP.
5. Any app supporting TOTP algorithm like Google, Authy, Last-pass Authentication, Push notification, soft tokens and Security Questions (KBA).

2. Hide My WP Ghost

hide my wp guest

Hide My WP Ghost helps to hide your website from breachers like attackers and spammers.
Features:

1. Limit login attempts.
2. Whitelist IPs.
3. Block IPs.
4. Captcha protections and hiding that your website is built on WordPress by hiding its details like your wp-login URL, admin URL, names of themes and plugins, hide common and custom paths, changes in permalinks, etcetera.
5. Log users events.
6. Decting potential security breaches like XSS, SQL injection type of security threats.
7. Compatible with multi-site, apache, Nginx, IIS, premium themes and other security plugins.

3. SecuPress

secupress free

In order to protect your website from security breaches, your on-site vulnerabilities should first be fixed in six key areas:

1. User and login.
2. Plugins and themes.
3. WordPress core.
4. Sensitive data.
5. Malware scan.
6. Firewall.

Features:

1. Firewall.
2. IP block.
3. Security alerts.
4. Blocking country by geolocation.
5. It scans and protects websites from intrusion.
6. Easy to use and provides a great UI interface.

4. Shield Security

shield security

Shield Security offers protection from attacks by blocking the web requests that violate the firewall security rules.

Features:
1. Login limitations.
2. Easy to use.
3. Scan core files to detect malicious changes.
4. Two factor authentication.

5. Security Ninja

security ninja

Security ninja involves checking your site for vulnerabilities that can be breached and then taking measures to ensure the security. It does the work by checking your site for malicious and suspicious files and codes.
It is able to execute more than 50 security checks in just one go. Thus each of the tests works on their respective algorithms.

Features:
1. It has a pro version which includes a firewall, malware scanner, auto fixer, core scanner, and other tools as well.
2. The firewall protects your website from fake traffic and bad bots.
3. Blocks suspicious IPs from specific countries and redirects them to a specific URL.