Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution

Has anyone yet figured out the SSL redirect for "www" prefix?

Starting with some quick background... Working with GoDaddy on my SSL has been a nightmare. I bought it for ONE of my sites. Someone at GoDaddy took it upon themselves to write code for my hosting account that applied secure settings to ALL of my sites, breaking them and making them inaccessible for several days - no ad revenue, no clients, serious embarrassment.


In this continuing saga of ongoing incompetence, it appears that the SSL now ONLY works with the non-www version of my URL - not with the www version. GoDaddy once again broke all of my other sites yesterday when someone suggested an HTACCESS edit that again affected ALL of my sites - not the one for which I purchased the SSL. ANOTHER loss of revenue, etc.


I have now spent about 7 hours on phone/chat communication with "support" - only to be told that even though GoDaddy installed my SSL incorrectly and CREATED these issues, they can't tell me the simple line of code I need to forward my www URL to the HTTPS site. Actually... correction: they WILL tell me the 10 second solution - for $50. Their nerve is unbelievable.


I see some folks on this community with the same problem have actually purchased a SECOND SSL for the www version of their URL. I simply don't believe this is necessary, except for rare cases. This is a fantasy either cooked up by GoDaddy's greed/incompetence, or by someone who doesn't understand the certificate.


BUT... all that said, I simply cannot edit my HTACCESS file to forward both www and non-www URLs to the HTTPS address. We GoDaddy clients clearly are left with no option but to resolve this insanity ourselves, and post the results for others to use/modify.


Here is my HTACCESS file - the one that ONLY forwards non-www URLs. Can ANYONE tell me what it should look like to forward www URLs...? I have a contact in S.F. who is hopefully also looking at my code today to offer a fix. Not being sure of the timeline or certainty of that, however, I thought I'd also ask this community.


AGAIN, if someone can help me, I WILL post the fix so that no one else has to deal with this or pay GoDaddy a ridiculous fee for doing what they SHOULD be doing for customers in the first place.



Please NOTE - when posting this, I received this "error message" from GoDaddy. Not sure what they actually "changed" but please keep it in mind: "Your post has been changed because invalid HTML was found in the message body. The invalid HTML has been removed. Please review the message and submit the message when you are satisfied."


<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$$1 [L,R=301]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
Community Manager
Community Manager

Re: Has anyone yet figured out the SSL redirect for "www" prefix?

Hi @RexRoamer. Sorry to hear you've had a difficult experience with your support team. I can say for sure that any SSL Certificate you get should work for both www and non-www extensions of your common name. If you can provide the domain name in question, that might help others understand your issue and further suggest solutions. It would also be good to know what kind of hosting you're using and whether or not this is a primary domain or an addon/alias domain. That can play into how this gets resolved as well. 


I have a website that uses SSL and I have the following code for HTTPS redirects:

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

My site (built in WordPress) uses the non-www by default in my WordPress settings but I think the same should work for you. The other parts of your .htaccess file might still be necessary for other redirects too.



Another thing that can come into play in situations like this is where the .htaccess file is placed. Usually, they affect all directories that are underneath (within) them unless that directory already has a .htacess file. For example, if you have a cPanel account and create a .htaccess file above the /public_html directory, it will have an effect on any file or directory you put in /public_html. Ideally, with what you're trying to do, the HTTPS redirect should only be in the folder for the domain you're trying to protect with HTTPS. If it's in a directory above that, that could be what's causing your problem. 


Hope that helps. If not, feel free to provide more information. Others in the community may be able to provide you with additional suggestions.


JesseW - GoDaddy | Community Manager | 24/7 support available at | Remember to choose a solution and give kudos.

Re: Has anyone yet figured out the SSL redirect for "www" prefix?

Thanks for your response, JesseW - but my web site and SSL are FINALLY doing what I paid to have them do.


To address a few of your questions/comments: 1) I don't use Wordpress for my sites (don't even understand that), but rather write the HTML and CSS myself; 2) my HTACCESS file is definitely in the right place and has been from the beginning; 3) the code you've provided - while appreciated - does not at all resolve the situation I describe. I've actually (sadly) seen this same code redistributed multiple times on multiple help boards as the "solution" - but for many of us, it simply is NOT.


Here is the PROPER code for my site. It is literally the entire HTACCES file required to redirect my SSL site to its secure/HTTPS address. It works for BOTH the "www" and "non-www" URL of my site:


RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^(www\.)?replace-with-your-URL\.com$ [NC]
RewriteRule ^$$1 [R,L]


I will repeat - this works COMPLETELY for me. I cannot assume it works for everyone else, especially you Wordpress folks, because I know nothing about that. But, for me, the nightmare of the past seven days or so has finally been resolved.


A note about the code itself... Obviously, where I have typed "replace-with-your-URL" you should replace this text with YOUR web address. For example, if your site is you would delete the text "replace-with-your-URL" and replace it with "alphabetsoup".


I feel incredibly thankful and fortunate to have this issue resolved. Having read literally dozens of other comments from people begging for a similar solution - I sincerely hope this also ends their GoDaddy/SSL nightmare.