ERR_TOO_MANY_REDIRECTS – htaccess Rewrite http to https

Home Forums BulletProof Security Free ERR_TOO_MANY_REDIRECTS – htaccess Rewrite http to https

This topic contains 19 replies, has 3 voices, and was last updated by  kinjo beti 1 year, 7 months ago.

Viewing 15 posts - 1 through 15 (of 20 total)
  • Author
    Posts
  • #20454

    cabdrome
    Participant

    I would like to force https in the website http://www.cabdrome.com , I tryed to do it adding these 2 lines in the .htaccess file. But then I receive this error: ERR_TOO_MANY_REDIRECTS

    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    This webpage has a redirect loop The webpage at https://www.cabdrome.com  has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.

    #20457

    AITpro Admin
    Keymaster

    See this forum topic for http to https rewrite htaccess code:  http://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233

    Note:  You must have a valid SSL certificate.

    #20458

    cabdrome
    Participant

    [Topic has been manually merged and combined]

    My webserver is needing also this custom code to not give Internal Server Error:
    Following exactly all of the steps, I only receive an Internal Server Error on both admin and public area.

    # DO NOT SHOW DIRECTORY LISTING
    # If you are getting 500 Errors when activating BPS then comment out Options -Indexes
    # by adding a # sign in front of it. If there is a typo anywhere in this file you will also see 500 errors.
    #Options -Indexes
    
    And with and without it, Adding also the suggested custom code:
    # WP REWRITE LOOP START
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTPS} !=on
    RewriteCond %{SERVER_PORT} ^80
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
    RewriteRule ^index\.php$ - [L]

    ————————-

    Thanks! Yes I am using the Comodo Certificate, now I go to read your suggested topic.
    ————————-

    Thanks I refollowed all steps like well exlpained and effectively I don’t receive Internal Server Error, but still this error this time:

    The page isn’t redirecting properly
    Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
    This problem can sometimes be caused by disabling or refusing to accept cookies.

    I am using only 2 custom code:
    1) # Option -index  to not (of the # DO NOT SHOW DIRECTORY LISTING section, to not receive Internal Server Error when activating BPS) and this one to force HTTPS:

    2) Nothing else, so if I deactivate the first, the website is reacked and if I deactivate the second, I don’t knwo how to force a 100% https website.

    # WP REWRITE LOOP START
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTPS} !=on
    RewriteCond %{SERVER_PORT} ^80
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
    RewriteRule ^index\.php$ - [L]

    —————————–

    #20486

    cabdrome
    Participant

    I disabled W3 Total Cache and the nrepeating all the procedure I receive this error:
    This webpage has a redirect loop
    The webpage at https://www.cabdrome.com/ has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.
    Now I try to contact the server support, thanks a lot for admin help.

    #20489

    AITpro Admin
    Keymaster

    @ cabdrome – To troubleshoot exactly what is causing the 500 Internal Server error do these steps.

    1. Use FTP or your web host control panel file manager and delete the htaccess file in your website root folder.
    2. Go to the htaccess Core >>> Custom Code page and cut (not copy) all of your custom htaccess code out of all of the BPS Custom Code text boxes and save all of your custom code to a Notepad or Notepad++ text file (not Word or WordPad).
    3. Click the Save Root Custom Code button.
    4. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.

    If you do not see a 500 Internal Server error on your website then this means that none of the BPS standard htaccess code is causing the problem and you will need to isolate exactly which custom htaccess code is causing the problem by adding your custom htaccess code individually and testing it to isolate which custom code is causing the 500 error.

    1. Add one block of custom code, save it and activate Root folder BulletProof Mode. Do this for each block of custom code you have until you find out which code is the problem.

    Also make sure that you are adding your custom htaccess code in the correct BPS Custom Code text boxes.  Each Custom Code text box has a short description of which custom htaccess code goes in that particular Custom Code text box.  The Read Me help button has some additional help information.
    —————————

    I checked your site and the Comodo SSL Certificate is valid and setup correctly.  When I go to the https address the site displays correctly and the SSL Certificate info shows valid and setup correctly.  Your site is not redirecting/rewriting to https from http.  Are you adding the SSL rewrite htaccess code in the correct BPS Custom Code text box?  Are you adding only this code shown in this forum topic and no other custom code in that text box?:  http://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233

    Do all of the Custom Code steps very carefully again to make sure you are not making any mistakes.
    ————————-

    I took a look at your site’s architecture and I see something that I have never heard of before IIS “Application Request Routing” and you have an Nginx / Apache mixed server environment (probably an Nginx Reverse Proxy).  I think you will need to contact your web host to find out if the http to https htaccess rewrite code works on your server/website.  Your host server may require some other htaccess code to do this on your server/website.

    http://builtwith.com/cabdrome.com

    Also you have W3 Total Cache installed on your site.  You may need to remove all of the W3TC caching code from your htaccess file and then setup W3TC again after you have the http to https rewrite htaccess code setup correctly.  I am not sure if you need to do that, but maybe?

    #20493

    cabdrome
    Participant

    Standard BPS code is giving internal server error, I need to disable the “Option -index” to let BPS to work, and I have no other custom codes.
    My webserver suggest to use these row to force HTTPS for an entire site :

    RewriteEngine On
    RewriteCond %{ENV:SECURE_REDIRECT} !on
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    #20496

    AITpro Admin
    Keymaster

    Ok then combine the code your host is recommending into the WordPress Rewrite code like this:

    # WP REWRITE LOOP START
    RewriteEngine On
    RewriteBase /
    RewriteCond %{ENV:SECURE_REDIRECT} !on
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    RewriteRule ^index\.php$ - [L]
    #20499

    cabdrome
    Participant

    Using this code and going to the website with chrome, Opera and Firefox with HTTP (without S) it answer this error: Found
    The document has moved http://www.cabdrome.com and going there with Internet Explorer , it answer:
    This page can’t be displayed
    Make sure the web address http://www.cabdrome.com is correct.
    Look for the page with your search engine.
    Refresh the page in a few minutes.
    Going to HTTPS , Chrome say that the page contain scripts from unauthenticated sources.. also firefox say that the page contain unencryopted content.

    # WP REWRITE LOOP START
    RewriteEngine On
    RewriteBase /
    RewriteCond %{ENV:SECURE_REDIRECT} !on
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_<wbr />URI}
    RewriteRule ^index\.php$ - [L]
    #20502

    AITpro Admin
    Keymaster

    Go to the BPS htaccess Core page >>> htaccess File Editor tab page and copy and paste the entire contents of your root htaccess file (Your Current Root htaccess File) in your forum reply post.  Or if you cannot login to your website then download the root htaccess file and copy and paste the htaccess code in your forum reply.

    #20507

    cabdrome
    Participant

    Yes, I can login regularly, thanks:
    [htaccess code copied and then deleted]

    My webserver is not giving a so much deep assistance, but maybe I could skip the problem trough a cheap CDN with SSH traffic protocol service!

    #20509

    AITpro Admin
    Keymaster

    Ok your root htaccess code is exactly correct so it is not a problem with the htaccess code itself.  Since the code is correct then the problem must be with something else on your server/website and you will need to contact your host to have them assist you to figure out what is going on with your particular server/website.  I suspect the problem has to do with whatever the IIS “Application Request Routing” thing is or some other configuration problem on your server.

    #20541

    cabdrome
    Participant

    I have a good news! now the website is 100% https! I founded that logo and a css file was forcing http, and they was creating the loop, so now I a redirecting to http trough php code, instead about the .htaccess redirect, I will try to find more info.

    Thanks a lot again for the help.

    #20550

    AITpro Admin
    Keymaster

    Yes.  You are correct.  If you are rewriting your entire site from http to https then all links/URL’s MUST be https or else you will get redirect/rewrite looping problems.

    #20563

    cabdrome
    Participant

    This time I used this code:

    RewriteEngine On
    RewriteBase /
    RewriteCond %{SERVER_PORT} !=80
    RewriteRule (.*) https://www.cabdrome.com/$1 [R=301,L]

    This code don’t give errors, but if I go to the url of an image with HTTP:
    http://www.cabdrome.com/wp-content/uploads/2014/12/cabdrome-logo.png
    then it not force HTTPS..

    #20566

    AITpro Admin
    Keymaster

    All of your internal URL’s should be https for images and everything else on your site.  If they are not then you need to change all URL’s so that they are https.  If you have mixed http and https URL’s on your website then you will see redirect looping errors and the redirects will most likely fail.  If someone uses an http URL to your website domain or a post or page URL from an external source (not internal) ie an old http URL link posted on another website then they should be redirected from http to https. That is what the code is used for.

Viewing 15 posts - 1 through 15 (of 20 total)

You must be logged in to reply to this topic.