Prerequisites
-
- Apache web server installed and running
- SSL/TLS enabled with a valid certificate (self-signed, Let’s Encrypt, or paid)
- Domain name resolving to your server
- Access to Apache configuration files (usually in
/etc/apache2/sites-available/) - Basic knowledge of using the command line and a text editor like nano or vim
If you don’t have an SSL certificate yet, follow this guide to create one.
<— Video —>
Introduction
Redirecting non-www to www in Apache over HTTPS is an essential step for improving SEO, preventing duplicate content, and standardizing your website URL. This guide walks you through configuring your Apache server to perform this redirect securely using HTTPS.
Step 1: Enable mod_rewrite
Apache’s rewrite engine must be enabled. Run the following commands:
sudo a2enmod rewrite
sudo systemctl restart apache2Step 2: Update Your Virtual Host Configs
You’ll need two virtual host entries—one for the non-www version that performs the redirect, and another for the www version that serves your site content.
Non-WWW Redirect
<VirtualHost *:443>
ServerName example.com
SSLEngine on
SSLCertificateFile /etc/ssl/certs/example.crt
SSLCertificateKeyFile /etc/ssl/private/example.key
RewriteEngine On
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
</VirtualHost>
WWW Version
<VirtualHost *:443>
ServerName www.example.com
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/ssl/certs/example.crt
SSLCertificateKeyFile /etc/ssl/private/example.key
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Be sure to replace example.com and certificate file paths with your own values.
Step 3: Restart Apache and Test
Run this command to apply the changes:
sudo systemctl restart apache2Open your browser and go to https://example.com. It should redirect to https://www.example.com. If not, check your Apache error log:
sudo tail -f /var/log/apache2/error.logThis Works for Public Web Servers Too
This setup works with both self-signed certificates (for local testing) and Let’s Encrypt or commercial SSL certificates (for production sites).
Just make sure your certs cover both example.com and www.example.com. With Let’s Encrypt, they usually do by default.
My Private Home Office Configuration
-
- Linux is my daily driver
- Windows 10 laptop
- VirtualBox installed on Windows
- Using VirtualBox to create LAMP servers for development and testing
- Linux and Windows
hostsfiles used as internal DNS - I use non-routable domain names like
example.internal - Everything runs on a private LAN with non-routable IP addresses
Related Link
🔗 Need to generate a certificate first? Read this:
How To Create a Self-Signed SSL Certificate for Apache
Frequently Asked Questions (FAQ)
Can I use this on a live server?
Yes, just use a real SSL certificate like Let’s Encrypt or one from a certificate authority.
Will this help with SEO?
Absolutely. Redirecting all traffic to the www version reduces duplicate content and improves your search engine indexing.
Do I need DNS changes?
Make sure both example.com and www.example.com point to the same IP address in your DNS records.
Can I redirect www to non-www instead?
Yes. Just reverse the roles of the virtual hosts—redirect from www to non-www and serve content on the non-www host.
Can I use this with a wildcard SSL certificate?
Yes, wildcard certs like *.example.com will work with this method.
Conclusion
Redirecting non-www to www over HTTPS in Apache is a simple but effective way to improve your site’s consistency and SEO. Whether you’re using a self-signed cert in a local test environment or a production-grade certificate on a public server, the steps are nearly identical.
Want to set up your SSL first? Don’t forget to check this out:
How To Create a Self-Signed SSL Certificate for Apache
With this redirect in place, your Apache site is now better organized and more secure.