Forcing HTTPS over HTTP

Question

So I want to force the user to access the https version of my page rather than the http. And according to this post all I have to do is this:

RewriteEngine On 
R         


        

Answer 1

Your site can be vulnerable if you're redirecting from http to https. Take a look at this for some more information on that.

http://www.thoughtcrime.org/software/sslstrip/