Activate the Fastly's Force TLS functionality in Magento Admin to enable the global HTTP to HTTPS redirect for all pages of your Magento Commerce (Cloud) store.
This article provides detailed steps, a quick overview of the Force TLS feature, affected versions, and links to related documentation.
Step 1: Configure Secure URLs
In this step, we define the secure URLs for the store. If that's already done, go to Step 2: Enable Force TLS.
- Log in to Magento Admin.
- Navigate to Stores > Configuration > General > Web.
- Expand the Base URLs (Secure) section.
- In the Secure Base URL field, specify the HTTPS URL of your store.
- Set the Use Secure URLs on Storefront and the Use Secure URLs on Admin settings to Yes.
- Click Save config in the upper-right corner to apply changes.
Related documentation in Magento User Guide: Store URLs.
Step 2: Enable Force TLS
- In Magento Admin, navigate to Stores > Configuration > Advanced > System.
- Expand the Full Page Cache section, then Fastly Configuration, then Advanced Configuration.
- Click the Force TLS button.
- In the dialog that appears, click Upload.
- After the dialog closes, make sure the current state of Force TLS is displayed as enabled.
Related Fastly documentation: Force TLS guide for Magento 2.
About Force TLS
TLS (Transport Layer Security) is a protocol for secure HTTP connections that replaces its less secure predecessor—the SSL (Secure Socket Layer) protocol.
The Fastly's Force TLS functionality allows you to force all incoming unencrypted requests for your site pages to TLS.
It works by returning a 301 Moved Permanently response to any unencrypted request, which redirects to the TLS equivalent.
For instance, making a request for http://www.example.com/foo.jpeg would redirect to https://www.example.com/foo.jpeg.
Securing communications (Fastly documentation)
- Magento Commerce (Cloud):
- version: 2.1.4 and later
- plan: Starter and Pro (including Pro Legacy)
- Fastly: 1.2.4
No changes needed in routes.yaml
To enable HTTP to HTTPS redirect on all pages of your store, you do not have to add the pages to the
routes.yaml configuration file—enabling Force TLS globally for your entire store (using Magento Admin) is enough.