We need to force redirect all http traffic to https on space.wmflabs.org. Currently all links and navigation point to HTTPS, but we'd like to have this forced so there are no accidents. :) I've tried doing this at the Apache level (via .htaccess rules).
```
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# Don't allow indexing in directories
Options -Indexes
# Force HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
```
I also have a rule in the WordPress config which is recommended as a best practice. This does not force HTTPS for subpages space.wmflabs.org///sometthing //can still be accessed via http
```lang=php
/* SSL Settings */
define('FORCE_SSL_ADMIN', true);
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
$_SERVER['HTTPS'] = 'on';
define('FORCE_SSL_CONTENT', true);
define('FORCE_SSL_ADMIN', true);
define('WP_SITEURL', 'https://' . $_SERVER['HTTP_HOST'] . '/');
define('WP_HOME', 'https://' . $_SERVER['HTTP_HOST'] . '/');
```