原文:

After you’ve enabled SSL for your website, you’ll probably want to redirect all traffic on your website to the https version of your site. There are multiple ways to do that. Let’s compare some commonly used ways.

Using script configuration

Some scripts (including Wordpress) have a setting which allows you to set your website URL. By changing this URL from http://example.com to https://example.com, the script will probably redirect visitors to the https version of your site. Even if your script does not redirect people, it’s still highly recommended to check if your script has a setting for the URL because it will prevent other problems with links on your page.

Using .htaccess

Probably the most common way to force traffic to https is by redirecting requests using .htaccess. The .htaccess is a simple text file simply called ‘.htaccess’ which contains additional settings passed to the web server to support some more complicated functionality. If you are using a script created by other people (including CMS like Wordpress), you can probably find a .htaccess file already in the htdocs folder of your website. If you don’t have a .htaccess file yet, you can create a file using the File Manager with the file name .htaccess. Using the File Manager is recommended, some systems (especially Windows) don’t work well with .htaccess files.
After you’ve found or created your .htaccess file, you can edit it in the File Manager or using any text editor (like Notepad). You need to add the following lines to the file:

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:CF-Visitor} !{"scheme":"https"}
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Using Cloudflare settings

If you’re using Cloudflare on your website, you can let Cloudflare enforce HTTPS for you. Simply login to Cloudflare’s website, go to the Crypto settings for your domain, and enable “Always use HTTPS”.

Final notes on forcing HTTPS

If your website doesn’t work anymore after applying any of these settings, there are a few common issues you should check for.

If your website does not display any content at all or shows a 500 - Internal Server Error and you’re using the .htaccess method, that means there is an error in your .htaccess file. Please make sure you copied the content exactly as shown above. If you’re sure it’s correct, you can try getting help in the forum. If you do, be sure to include the contents of your .htaccess file in the message.

If your website does show content but is missing styles, scripts or images, those files are probably linked to with http:// urls instead of https:// urls. Most browsers block requests to http:// content on https:// pages for security reasons. Check your script settings (if applicable) or update your pages to ensure only https:// urls are used on the page.

谷歌翻译:

为您的网站启用 SSL 后,您可能希望将网站上的所有流量重定向到网站的 https 版本。有多种方法可以做到这一点。让我们比较一些常用的方法。

使用脚本配置

某些脚本(包括 Wordpress)具有允许您设置网站 URL 的设置。通过将此 URL 从http://example.com更改为https://example.com,该脚本可能会将访问者重定向到您网站的 https 版本。即使您的脚本没有重定向用户,仍然强烈建议您检查您的脚本是否有 URL 设置,因为它可以防止页面上的链接出现其他问题。

使用 .htaccess

强制流量到 https 的最常见方法可能是使用 .htaccess 重定向请求。.htaccess 是一个简单的文本文件,简称为“.htaccess”,其中包含传递给 Web 服务器的附加设置,以支持一些更复杂的功能。如果您使用由其他人创建的脚本(包括 CMS,如 Wordpress),您可能会在您网站的 htdocs 文件夹中找到一个 .htaccess 文件。如果您还没有 .htaccess 文件,您可以使用文件管理器创建一个文件名为 .htaccess 的文件。建议使用文件管理器,某些系统(尤其是 Windows)不能很好地处理 .htaccess 文件。

找到或创建 .htaccess 文件后,您可以在文件管理器中或使用任何文本编辑器(如记事本)对其进行编辑。您需要将以下行添加到文件中:

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:CF-Visitor} !{"scheme":"https"}
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

使用 Cloudflare 设置

如果您在您的网站上使用 Cloudflare,您可以让 Cloudflare 为您强制执行 HTTPS。只需登录 Cloudflare 的网站,转到您的域的加密设置,然后启用“始终使用 HTTPS”。

关于强制 HTTPS 的最后说明

如果您的网站在应用任何这些设置后不再工作,那么您应该检查一些常见问题。

如果您的网站根本不显示任何内容或显示 500 - Internal Server Error 并且您正在使用 .htaccess 方法,这意味着您的 .htaccess 文件中有错误。请确保您复制的内容完全如上所示。如果您确定它是正确的,您可以尝试在论坛中获得帮助。如果这样做,请确保在消息中包含 .htaccess 文件的内容。

如果您的网站确实显示了内容但缺少样式、脚本或图像,则这些文件可能使用 http:// 网址而不是 https:// 网址链接。出于安全原因,大多数浏览器都会阻止对 https:// 页面上的 http:// 内容的请求。检查您的脚本设置(如果适用)或更新您的页面以确保页面上仅使用 https:// 网址。

ref: https://forum.infinityfree.net/docs?topic=49322