This website uses cookies

Our website, platform and/or any sub domains use cookies to understand how you use our services, and to improve both your experience and our marketing relevance.

Peak Performance.

Limitless Scalability.

  • 0

    Days

  • 0

    Hours

  • 0

    Mins

  • 0

    Sec

Off For 4 months
+40 free Migrations

Secure Any CMS With Ease with Our Malware Protection Add-On! LEARN MORE→

How to Easily Add SSL Certificate and Force HTTPS in PHP

Updated on December 8, 2021

9 Min Read
php https

OPcache is a caching engine that is built into the PHP framework. When empowered, it significantly increases the performance of websites that utilize PHP. OPcache improves PHP performance by putting away precompiled script bytecode in shared memory, thereby removing the need for PHP to stack and parse scripts on each ask.

Having an SSL certificate on your PHP site builds trust with your visitors, especially if you’re running an online business. You can use Cloudways to get a PHP HTTPS enabled web application for secure communication between your server and your website visitor.

In this age of information insecurity, all websites that handle sensitive customer information such as passwords and credit card numbers must offer secure and encrypted communication channels. In the absence of such channels, intercepting and stealing customers’ information becomes quite easy for anyone.

Advantages of Using PHP SSL Certificates:

A Secure Socket Layer (SSL) certificate encrypts the connection between the customer and your web server. The information is rendered unreadable by all third parties (identity thieves and hackers).

The core purpose of an SSL certification would be to safeguard server-client communication. On installing SSL, each piece of data is encrypted.

In layman’s terms, the secured information can only be unlocked from the intended receiver. No one can access the data or user’s information, and hackers can’t breach or crack it. Each SSL session consists of two keys:

  • The public key, or asymmetric cryptography, is used to encrypt the information.
  • The private key is used to decrypt the information and restore it to its original format to be read.

A PHP SSL certification also:

  • Offers authentication and identity verification to your website.
  • Boosts ranking in search engines. Google ranks SSL certificate-protected websites higher because they count the trust factor as a ranking factor.
  • Improves conversion rate because visitors expect the padlock when making purchases through the online website. Without an SSL Certificate, you can lose your revenue.

Now that we know why SSL certificates are necessary let’s look at how you can add SSL in PHP websites on Cloudways. If you don’t have an account, sign up now.

Host PHP Websites with Ease [Starts at $10 Credit]

  • Free Staging
  • Free backup
  • PHP 8.0
  • Unlimited Websites

TRY NOW

Let’s Encrypt: Free SSL/TLS Certificates

Let’s Encrypt is a free SSL certificate approved by IETF (Internet Engineering Task Force). The certificate is installed through Let’s Encrypt after three months, but if auto-renewal is enabled, the PHP SSL certificate will be renewed every 60 days, so you need to get it reissued before it expires.

Cloudways not only provides a convenient auto-renew feature for Let’s Encrypt certificates, alerting you 15 days prior to expiration, but also offers free SSL hosting. This ensures your PHP sites remain secure without additional costs. Utilizing this free SSL Certificate is straightforward, enhancing your site’s security effortlessly.

Some points to keep in mind before installing Let’s Encrypt:

  • It cannot be installed on the staging URLs that Cloudways provides when you first launch your application.
  • The domain must be running on the same server where the Let’s Encrypt is being installed.
  • There must be a DNS propagation time for that domain on the same server where you are going to install the Let’s Encrypt certificate.
  • The certificate will be installed for URLs with www and without www.
  • When you clone your server or your app, you need to reinstall the certificate.

How to Install Let’s Encrypt Certificate?

Setting up an SSL certificate is now as easy as ABC. Follow the steps below on how to install a free Let’s Encrypt certificate on your PHP site hosted with Cloudways.

Login to your Cloudways platform, go to Applications and click on the PHP site you want to add an SSL to.

Click on your application to get into the Application Management dashboard.

Application Management dashboard
Management dashboard

You will see two options: one is for Let’s Encrypt, and the other is for installing Paid Certificate. In the Let’s Encrypt dialog box, please enter the email and the domain where you are installing Let’s Encrypt and click on Install Certificate.

Let’s Encrypt dialog box
auto-renew your certificate

Once it is installed, you will be asked for permission to auto-renew your certificate. If you want to renew it manually, select Disable, else choose Enable. Click SAVE CHANGES to save your selections.

ssl management

Before installing the Let’s Encrypt certificate, this is what the URL section looks like:

Let’s Encrypt certificate

Here it is after installing the Let’s Encrypt Certificate on Cloudways:

Let’s Encrypt URL

Now, whenever your PHP HTTPS certificate is near expiration, you will get an email from Cloudways that your Let’s Encrypt certificate is expiring. If you opt to keep it from expiring, Cloudways will renew the certificate. To verify the certificate, visit your domain using the HTTPS prefix (e.g., https://www.yourdomain.com).

Add Multiple-Domain SSL to PHP Application:

Through Cloudways, Let’s Encrypt SSL certificates, you can deploy SSL on multiple domains. This means that the Cloudways users could now install a single Let’s Encrypt SSL certificate and then use the certificate across all their domains and subdomains.

To install the Let’s Encrypt certificate on multiple domains, click Add Domain and enter the domain names associated with your PHP website. Once done, click Install Certificate.

How to Add Wildcard SSL Certificates for Subdomains?

It would be best if you marked the Apply Wildcard checkbox. It will take a few moments to provide you with the CNAME record that needs to be added to the domain registrar.

Add Wildcard SSL Certificates

Log in to your domain registrar and add a CNAME record with the same information:

  • Type: CNAME
  • Value: website URL
  • Host: _acme-challenge

Once done, go back to the SSL Certificate section and click Verify DNS. It will validate the settings and notify you accordingly. In the next step, click Install Certificate to install SSL on a PHP based website.

Nothing as Easy as Deploying PHP Apps on Cloud

With Cloudways, you can have your PHP apps up and running on managed cloud servers in just a few minutes.

How to Install Custom SSL Certificate:

Deploying Custom SSL via Cloudways Platform is very easy with the following steps.

Navigate to the Servers tab from the top menu bar and choose your target server on which your desired website is deployed.

Install Custom SSL Certificate

In the Application Management menu, select SSL Certificate.

Application Management menu

Now, select “I do not have a certificate” from the dropdown, as shown in the screenshot below. Then click Create CSR.

If you want to use a single certificate on multiple domains, mark the checkbox where it says SAN and add the other domain names in the form.

ssl management certifficate

Now, a dialog box will appear, prompting for the following information.

Country: Select your country.

States: Enter your state, e.g., Texas.

Locality: Enter your locality/city, e,g Houston.

Organization Name: Enter your organization name.

Organizational Unit: Enter organizational unit.

Email: Provide your email address.

create csr

Once you submit the form, click Download CSR to download the CSR file locally and proceed to buy an SSL certificate.

Download CSR

Submit the downloaded CSR file to your SSL certificate provider to generate an SSL certificate.

The SSL Certificate Authority will provide two files:

Certificate Code refers to your application SSL certificate file content.
CA Chain refers to the certificate chain (intermediate certificate).

ssl installed

Next, click Submit, and you are good to go. Once done, the SSL certificate is installed and should work as intended on your PHP-based web application.

How to Check SSL Certificates Are Working Properly?

You can check your SSL certificate details using the SSL Checker Tool, which can help you determine if you have any problems with your SSL certificate installation.

It shows your SSL certificate is installed correctly, valid, trusted, and/is supported by the major web browsers or not.

SSL Labs offers an excellent SSL check tool where you enter your domain name, enter your domain name in the text box and click on the Submit Button. It will analyze and report something like this:

Check SSL Certificates

Improve Your PHP App Speed by 300%

Cloudways offers you dedicated servers with SSD storage, custom performance, an optimized stack, and more for 300% faster load times.

How to Redirect in PHP from HTTP to HTTPS?

Now that the certificates are installed, you need to force your PHP site to use HTTPS for all visitors. For this, add the following code to your .htaccess file. This is the recommended method for redirecting PHP to HTTPS running on Apache.

#PHP Redirect HTTP to HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Redirect PHP to HTTPS Using Cloudways Platform:

Navigate to the Servers tab from the top menu bar and choose your target server on where your website is deployed. Select a target application from the drop-down list.

PHP Redirect to HTTPS

Next, click on the Application Settings option from the left navigation bar. Here you will see the HTTPS Redirection. It will be disabled by default. Now, toggle on to enable HTTPS redirection.

enable HTTPS redirection

A dialog box will appear asking for confirmation, so after reading the instructions, click Yes to implement the redirection.

implement HTTPS redirection

You will also get a notification once the HTTPS redirection is successfully implemented.

The reason for PHP forcing your site to use HTTPS is that once you have installed SSL on your site, the website is accessible in two versions: HTTP and HTTPS. Search engines, especially Google, consider the two versions different sites, which negatively affects your rankings in search engines because of duplicate content.

Supercharged Managed PHP Hosting – Improve Your PHP App Speed by 300%

Bottom Line

To sum up, activating HTTPS on PHP websites has immense benefits, especially given Cloudways’ easy and quick installation process. PHP security is essential. No web application should be without an SSL Certificate. You, as a user, should be wary of sending personal information across non-secure connections. Don’t miss out on taking full advantage of the HTTPS revolution.

Q. How to enable PHP openssl extension?

  • Open php.ini file under php installation folder.
  • Search for the extension “php_openssl. dll”.
  • Uncomment the extention by removing the semi-colon(;) at the end of the statement.
  • Now just restart your Apache Server.

Q. How to force SSL in PHP?

To force SSL in PHP, use the `$_SERVER` superglobal to detect if the request is not using HTTPS, then redirect to the HTTPS version using the `header()` function.

Q. How do I force HTTPS instead of HTTP?

You can force HTTPS instead of HTTP by configuring your web server (like Apache or Nginx) to redirect all HTTP traffic to HTTPS using server configuration files.

Q. How do I enable force HTTPS redirect?

You can enable force HTTPS redirect by configuring your web server to send HTTP 301 (permanent redirect) status code for all HTTP requests, redirecting them to the HTTPS version.

Q. Should you force HTTPS?

Yes, you should force HTTPS to ensure secure communication between the client and server, preventing data interception and manipulation.

Q. How to enable HTTPS wrapper in PHP?

You can enable HTTPS wrapper in PHP by enabling the OpenSSL extension in your PHP configuration file (php.ini) and ensuring that the necessary SSL/TLS libraries are installed on your server.

Q. How to use HTTPS in PHP?

You can use HTTPS in PHP by ensuring that your server supports HTTPS, configuring your application to use HTTPS URLs for all requests, and handling SSL/TLS certificates properly for secure communication.

Share your opinion in the comment section. COMMENT NOW

Share This Article

Inshal Ali

Inshal is a Content Marketer at Cloudways. With background in computer science, skill of content and a whole lot of creativity, he helps business reach the sky and go beyond through content that speaks the language of their customers. Apart from work, you will see him mostly in some online games or on a football field.

×

Webinar: How to Get 100% Scores on Core Web Vitals

Join Joe Williams & Aleksandar Savkovic on 29th of March, 2021.

Do you like what you read?

Get the Latest Updates

Share Your Feedback

Please insert Content

Thank you for your feedback!

Do you like what you read?

Get the Latest Updates

Share Your Feedback

Please insert Content

Thank you for your feedback!

Want to Experience the Cloudways Platform in Its Full Glory?

Take a FREE guided tour of Cloudways and see for yourself how easily you can manage your server & apps on the leading cloud-hosting platform.

Start my tour

Peak Performance.

Limitless Scalability.

  • 0

    Days

  • 0

    Hours

  • 0

    Mins

  • 0

    Sec

Off For 4 months
+40 free Migrations

Claim Now