Verify HTTPS Redirect
Learning Focus
By the end of this lesson you will know how to verify that HTTP-to-HTTPS redirects are working correctly.
Testing the Redirect
# Test from the command line
curl -sI http://example.com | head -5
# Expected output:
# HTTP/1.1 301 Moved Permanently
# Location: https://example.com/
What to Check
| Test | Expected Result | Meaning |
|---|---|---|
curl -sI http://example.com | 301 redirect to HTTPS | ✅ Working |
curl -sI https://example.com | 200 OK | ✅ HTTPS working |
Above returns 200 on HTTP | No redirect active | ❌ Enable "Always Use HTTPS" |
Where Redirects Can Be Configured
- Cloudflare → "Always Use HTTPS" (easiest)
- OpenLiteSpeed → Listener redirect rules
.htaccess→ RewriteRule (per-site)
info
If "Always Use HTTPS" is enabled in Cloudflare, you do not need server-side redirect rules. They are redundant.
Key Takeaways
- Verify with
curl -sI http://example.comthat a 301 redirect is returned. - Cloudflare's "Always Use HTTPS" is the simplest redirect method.
- Do not configure redundant redirects in both Cloudflare and the server.
What's Next
- Return to the Cloudflare SSL Full (Strict) Setup for the full checklist.