Forcing your Website's visitors to use the shared SSL
Occasionally our technical support is asked how to direct your website visitor’s to view your website over HTTPS. Let’s look an example:
If a visitor goes to your website using http://mydomain.com, you can force them so they will always use the shared SSL certificate. Shared SSL's are included on all Shared Hosting plans. If you’re not familiar with SSL certificates, please view our article. If you have a dedicated SSL and want to force all of your website traffic to use your dedicated SSL we have a great tutorial on that as well.
Forcing your visitors to use the Shared SSL
To force your visitors to use the shared SSL certificate that InMotion Hosting provides:
- Log into cPanel
- Go to the “Redirects” section
- Set the “type” to “Permanent (301)”
- Next to “http://(www.)” choose the domain name you want to do this for
- Enter your websites URL using the Shared SSL next to the “redirects to” field
- We recommend using the “Redirect with or without WWW” selected so that any visitor will be forced to use the SSL whether they use mydomain.com or www.mydomain.com
- Ensure “Wild Card Redirect” is checked
- Click “Add”
During this example, we used the inmotiontesting.com domain and redirected it to the secure108.inmotionhosting.com/~inmoti6
If you need further assistance please feel free to ask a question on our support center website.
We value your feedback!
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
new! - Enter your name and email address above and we will post your feedback in the comments on this page!
2013-04-07 8:08 pm
I'm curious how, or if this is different from using .htaccess as described in the 'Force a dedicated SSL' support page. Just to be clear, the end user is directed to "securexx..." from "mydomain.com" without any links in the webpage needing to be rewritten? Thanks!
2014-10-31 4:41 pm
I'm curious about the impact of this solution on the website visitor's experience.
I would like to implement "Google has said it wants all ?website owners to switch from HTTP to HTTPS to keep everyone safe on the web".
I'm trying to decide whether to go with this "free" way to implement that for the time being, or whether I need to go to the expense of getting my own SSL certificate(s) and dedicated IP address(es) - I have a few dozen domain names, with a lot of aliasing among them (e.g., mydomain.com, -.net, -.org, etc. are "parked" domains). I am not doing e-commerce yet, so I don't need PCI compliance at this time.It appears that the URLs that visitors will see in their browser's address bar wil show that long prefix (e.g. secure108.inmotionhosting.com/~inmoti6) for every web page. Is that correct?Does this method slow the visitor's response time by requiring extra data exchanges for following the redirects on every page access?
Is there anything else I need to know in order to make an intelligent choice between shared and dedicated SSL when I'm on a shared server?
2014-10-31 5:06 pm
Thank you for contacting us. These are good questions. Yes it is true, the URL visitors will see is the the Shared SSL address. For example: secure108.inmotionhosting.com/~inmoti6.
It will not slow the response times, since it is just accessing the files directly from your server address. It should not require redirects since you will essentially change the URL of your CMS.
If your visitors don't mind seeing the Shared SSL address in their browser, it may not be a big deal. This really depends on the nature of your websites.
If you have any further questions, feel free to post them below.