Tag: domain

How to Redirect HTTP to HTTPS Using .htaccess

Secure your website by redirecting all HTTP traffic to HTTPS using a simple .htaccess rule. Follow this guide for a safe and SEO-friendly setup.

Chrome and Firefox have started showing insecure warnings to the visitors on websites without SSL certificates. Therefore, using an SSL-encrypted connection for safety, accessibility or PCI compliance reasons is necessary. For SSL-encryption, buy SSL certificates and install them to your websites.

But, installing SSL certificates will not show secure, you should also redirect all your HTTP traffic to HTTPS. In order to force your web traffic to use HTTPS, edit the codes in the .htaccess file. Before we move onto redirecting HTTP to HTTPS, here’s how you can edit .htaccess file. If you already know skip to Redirection steps.

Editing .htaccess File

There are instructions/directives in the .htaccess file that tell the server how to act in certain scenarios and directly affects how your website functions. Common directives in .htaccess file:

  • Redirects
  • Rewriting URLs

Ways to edit an .htaccess file:

  1. Edit the file on your computer and upload it to the server using FTP.
  2. Use “Edit” mode in FTP program that allows you to edit a file remotely.
  3. Use a text editor and SSH to edit the file.
  4. Use the File Manager in cPanel to edit the file.

Editing .htaccess in cPanel File Manager

Note: Backup your website in case something goes wrong.

  1. Login to cPanel
  2. Files > File Manager > Document Root for:
  3. Now select the domain name you want to access
  4. Check “Show Hidden Files (dotfiles)”
  5. Click “Go”
  6. After a new tab or window opens, look for the .htaccess file.
  7. Right click on the .htaccess file and click on “Code Edit” on the menu.
  8. A dialogue box may pop up asking about encoding. Click “Edit” button to continue.
  9. Edit the file
  10. “Save Changes” when done.
  11. Test your website to make sure it is done correctly. In case, there is an error, restore to the previous version and try again.
  12. Once you are done, click “Close” to close the window.

Redirecting HTTP to HTTPS

1. Redirect All Web Traffic

If you have existing code in your .htaccess, add the following:

RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

2. Redirect Only a Specific Domain

For redirecting a specific domain to use HTTPS, add the following:

RewriteEngine On RewriteCond %{HTTP_HOST} ^yourdomain\.com [NC]RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

3. Redirect Only a Specific Folder

Redirecting to HTTPS on a specific folder, add the following:

RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteCond %{REQUEST_URI} folder RewriteRule ^(.*)$ https://www.yourdomain.com/folder/$1 [R,L]

Note: Replace “yourdomain” with your actual domain name wherever required. Also, in case of the folder, replace /folder with the actual folder name.

Think it was useful? Share this article to help them come on HTTPS

SPF Records for Outgoing Email: What They Are & Why They Matter

Learn what an SPF record is, why it’s essential for email deliverability, and how to configure it properly for sending outgoing emails from your domain.

When users mark messages as spam from a domain, mailbox providers can accurately identify that domain as a potential source of spam – if it has a valid SPF (Sender Policy Framework) records. SPF helps distinguish legitimate senders from spoofed ones. Conversely, if spoofed emails are flagged, SPF enables providers to maintain the domain’s reputation and ensure legitimate mail flows smoothly. Clearly, using SPF helps enhance the accuracy of spam filtering and protect email reputation.

Understand Why SPF Records Often Fails with PHP’s mail()

PHP developers frequently rely on the mail() function for sending emails. However, this approach skips SMTP authentication, making outgoing emails prone to being caught by SPF checks. What’s more, SPF only evaluates the envelope sender (the “Return-Path” header), not the “From” address users actually see. You can read about this at http://www.openspf.org/FAQ/Envelope_from_scope.

In many cases, the envelope sender defaults to the server or localhost, even when the “From” header appears to come from your domain. SPF checks then focus on the envelope sender—if it lacks a proper SPF records, the email may result in a soft fail. Gmail, for instance, might label this as a “best guess record,” which can be incorrect and hurt deliverability.

How to Fix SPF Records Soft-Fail Issues

Here are two effective solutions:

Switch to an SMTP-based mailer

Use libraries like PHPMailer to send emails via SMTP. This allows setting the envelope sender to match the “From” address, enabling proper SPF alignment.

Use sendmail parameters with PHP’s mail()

If refactoring the code is too extensive, you can still adjust the envelope sender using PHP’s mail() function with the -f or -F options in the additional parameters, for example:

mail("user@example.com",  "test subject",  "test message",  $headers,  "-F 'Example  Envelope-sender' -f returnpath@example.com");

This ensures the envelope sender matches your domain – making SPF checks pass correctly.

Conclusion

In essence, SPF plays a vital role in email deliverability and domain reputation. But to leverage it effectively, you must ensure emails send with the correct envelope sender. For PHP developers, the most reliable approach is using SMTP-based mailing; alternatively, configuring the envelope address via sendmail parameters can help bridge the gap without major code changes.