Activate HTTPS in the Magento settings to apply SSL encryption to your website.

    Requirements

    The domain must be secured with an SSL certificate.

    For your website to use HTTPS, you must have connected your domain to an SSL certificate. You can check if this is active by going to your domain with https:// at the beginning.

    Activate SSL Certificate now

    Find out more Set Up an SSL Certificate Managed by 1&1 IONOS

    Step 1

    Log in to the administration area of your shop.

    Step 2

    Go to System > Configuration in the menu and then select Web under General on the left.

    The web settings are displayed.

    Step 3

    Open the URL Options pane and change the Auto-redirect to Base URL setting to No.

    Step 4

    Open the Unsecure and Secure sections and replace the http with https for each Base URL.

    Step 5

    Click Save Configuration.

    Switch Magento to HTTPS (SSL)

    Setting Up Forwarding from HTTP to HTTPS

    To avoid duplicate content, we also recommend that you redirect the HTTP address to the HTTPS address using a so-called 301 redirect (permanent forwarding).

    To do this, add the following lines to your .htaccess file:

      RewriteEngine On
      RewriteCond %{HTTPS} off
      RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]

      The .htaccess file is located in the root directory of your Magento installation and can be edited in the 1&1 IONOS 1&1 IONOS as follows:

      • Open the Webspace View.
        Log In and Open the Webspace ViewOpen the Webspace View
      • To open the root directory of your Magento installation, click on the ClickandBuilds folder and select the directory of your Magento project.
      • Locate the .htaccess file and click Edit File under Actions to the right of it. A new window opens in which you can edit the file contents.
      • Insert the lines of code above (in the black box) at the beginning of the .htaccess file.
      • Click Save.
        Forwarding is immediately active.

      Congratulations! Your shop pages now load automatically with HTTPS.