Home › Forums › BulletProof Security Pro › cPanel HTTP to HTTPS Redirection
- This topic has 4 replies, 2 voices, and was last updated 6 years, 11 months ago by Immerse.
-
AuthorPosts
-
ImmerseParticipant
While adding force redirection from http to https to a site today, I came across something. Having added the code below
RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
to my htaccess file inside cpanel, I realised that there would be issues with bps and needing to change stuff inside the plugin. Before quitting cpanel, I did a quick check and found that there were 3 instances of ‘RewriteEngine On’ in the same htaccess file. Without my addition, there were already two. I realised that these two ‘RewriteEngine On’ instances were from blocks copied between ‘current root htaccess’ and the custom version at setup. Is that right?
My understanding has always been that multiple instances are not permitted or advised.
AITpro AdminKeymasterYou definitely do not want to have more than one block of of Rewrite/Redirection code that Rewrites/Redirects all website pages/posts since that would probably cause your website to perform slower. ie Rewrite/Redirect x1, x2, x3. I recommend that you use the HTTP to HTTPS Rewrite/Redirect htaccess code in this forum topic > https://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233 and do not use the cPanel HTTP to HTTPS Redirection.
ImmerseParticipantMaybe I didn’t explain myself; there wasn’t a block that redirected posts or pages. I added, or wanted to add that, to force https. There was nothing there with that before. The block I wanted to add was that copied above.
Having added that, I checked htaccess to see if ‘RewriteEngine On’ already existed in htaccess, and I found one in your loop start code and one somewhere else, which were both added by copying htaccess code, as instructed, into the custom htaccess page.
So I didn’t mean multiple redirects, I meant multiple instances of ‘RewriteEngine On’. Does that change your answer?
Incidentally, not expecting an answer so quickly, I added the http-https redirect code (as above) and then deleted the additional ‘RewriteEngine On’ instances lower down the page, and it seems that everything works okay. I say ‘seems’ because I haven’t spent more than a few minutes checking. Maybe there’s a bomb waiting to go off, I don’t know…
AITpro AdminKeymasterMultiple instances of the RewriteEngine On htaccess directive in an htaccess file does not negatively impact anything. You only need 1 instance of the htaccess directive before any htaccess mod_rewrite htaccess code, but it is ok to have redundant instances of the RewriteEngine On htaccess directive in an htaccess file.
The code you posted above will redirect all pages and posts (URLs|URIs) from http to https.
BPS standard htaccess code already rewrites/redirects all pages and posts in this code below. So the optimum method to use to rewrite/redirect from http to https is to modify the existing BPS standard rewrite/redirect code.# WP REWRITE LOOP START RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L]
If you want to use your htaccess code instead of the BPS http to https code in the forum link above then do these steps:
1. Copy the .htaccess SSL/HTTPS code below to use to this BPS Root Custom Code text box: CUSTOM CODE WP REWRITE LOOP START
2. Click the Save Root Custom Code button.
3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.# WP REWRITE LOOP START RewriteEngine On RewriteBase / RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] RewriteRule ^index\.php$ - [L]
ImmerseParticipantAh okay, I understand. Thanks, will change it.
-
AuthorPosts
- You must be logged in to reply to this topic.