Having enabled access to both HTTPS and HTTP versions of your website may lead to duplicate content.

For instance, the Google Search may index both HTTPS and HTTP versions of your site’s webpages, which may create unnecessary duplicates in the search results like this:

Having duplicate pages indexed isn’t good from the SEO perspective. Furthermore, you don’t want users accessing the non-secure HTTP pages and getting the connection not secure alert messages in their browsers.

You can avoid these problems by forcing use of HTTPS.

This can be done by adding a few lines of code to the .htaccess file that’s usually located in the websites’ root directory on the server.

RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Please keep in mind that some web hosting providers have the HTTPS forcing option in their settings interfaces. Also, your web host has maybe already automatically added this or similar code to force HTTPS.

Of course, all of this is possible only if you have an SSL certificate up and running on your website.