WordPress SSL htaccess code – Rewrite SSL, RewriteCond Server Port

[jenni101]

[Topic has been merged into this relevant Topic]

Hi there,

Just a follow on question to the redirect code for non-www to www url…

After setting up my site I changed purchased an SSL cert and so it’s now https://www.mysite.com. So:
[code removed as it may be confusing to someone else and is not what is needed]
or just the redirect rule you mentioned here http://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233 like this?

# WP REWRITE LOOP START
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} !=on
RewriteCond %{SERVER_PORT} ^80
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
RewriteRule ^index\.php$ - [L]

I believe this is ‘forcing SSL’? I’ve researched your advice re forcing SSL and I think you suggested not to do so in case there’s the odd http file/image etc that’s slipped through, or a plugin action that isn’t, in which case it breaks the site. Could you confirm your current recommendation? As you can see I’m getting a bit tied up with it all!
Many thanks.

[AITpro Admin]

You would do the exact steps in this forum link:
http://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233

The SSL code is rewriting/redirecting http URL’s to https URL’s for your entire website. What the note means about having only https URL’s is that all of your website URL’s must be https or else errors and problems will occur. I believe that once you change your WordPress URL settings then all of your URL’s will be https.  You can double check that by viewing the Source Code of your website home page.  See the note for more specific details.

[jenni101]

Have just plucked up the courage to add the above code as instructed – works brilliantly, don’t know why I put it off now. One final query about the recommended code: RewriteCond %{SERVER_PORT} ^80
Our server thought that the SSL port has a different number; that Port 80 is the default port for http, and port 443 is the default port for https. So how important is it to have the correct port number here? Should it be changed to: RewriteCond %{SERVER_PORT} !^443$
And would this force the website to load via https: more quickly? Many thanks.

[AITpro Admin]

Using RewriteCond %{SERVER_PORT} !^443$ should work fine. The condition says – if Server Port is not 443… I don’t think there would be any difference in performance/load speed.

[Anaimation]

[Topic has been merged into this relevant Topic]

Hi,

I recently got a SSL Certificate for my domain http://www.anaimation.design and then I installed the BPS Pro. In my root, I have a directory with several other websites, that I link in my main website. These links were loading fine until I installed BulletProof Security Pro and somehow restricts the way the .htaccess file loads. How can I fix this? I.e. this project was loading fine, now it gives a “PAGE NOT AVAILABLE” message: https://www.anaimation.design/web-projects/bbb

Thanks for your help.

[AITpro Admin]

First you will need to add the HTTPS Rewrite code that is in this same forum Topic here:  http://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233

Next you will need to check the Source Code of your home page to make sure all links are https and not http.  I checked your website and currently I see a mix of http and https links in your Source Code.  Those http link problems may be fixed by doing the steps in the link above.

What is /web-projects/bbb?  Is this another website installed here:  /web-projects/?  Is this just another folder under your hosting account?  What is /bbb/?  A folder or another website?

[jenni101]

Sorry, just need to clarify re. your comment on 3-6-15 “The condition says – if Server Port is not 443…”

So if they say the https port is 443, should i add the code: RewriteCond %{SERVER_PORT} ^443 instead of: RewriteCond %{SERVER_PORT} !^443$ – to allow it, rather than block it?

Many thanks.

[jenni101]

[Topic has been merged into this relevant Topic]

Hi there,

After successfully using the redirect from http to https I was wondering what was the proper way to incorporate the redirect from non-www to www too? The closest I’ve come to a solution is here: http://stackoverflow.com/questions/13977851/htaccess-redirect-to-https-www From searching it looks like everyone has a different way! Could you share your recommendations for this?

Many thanks, J

[AITpro Admin]

UPDATE: HTTPS/SSL htaccess Rewrite code with step by step Custom Code instructions:  http://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233

I believe this would work, but this code has not been tested.  I think with SSL your Certificate is specific to the exact domain name.  So it would be better to setup your site so that it is using the correct domain name in WordPress settings and anywhere else.

# https/SSL www to non-www
# WP REWRITE LOOP START
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} !=on
RewriteCond %{SERVER_PORT} ^80
RewriteCond %{HTTP_HOST} ^www\.domainname\.com$ [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
RewriteRule ^index\.php$ - [L]

# https/SSL non-www to www
# WP REWRITE LOOP START
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} !=on
RewriteCond %{SERVER_PORT} ^80
RewriteCond %{HTTP_HOST} ^domainname\.com$ [NC]
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI} [R,L]
RewriteRule ^index\.php$ - [L]

[jenni101]

Thanks for that – I’ve just tested the ‘https/SSl non-www to www’ version (with my domain name in!) and checking it through webpagetest site it’s worked just fine. many thanks for your help and advice yet again!

PS: any comment on the ‘port number’ bit of the code as per my comment on June 4th?

[AITpro Admin]

The Port Condition does not block anything – it is a “pattern” matching condition.  HTTP uses Port 80 and HTTPS/SSL uses Port 443.  So if you use “is NOT” Port 443 condition then you are saying “IS” Port 80.  If you are saying IS Port 80 then you are saying IS Port 80.  They are the same thing.  If you say to match Port 443 then that condition will not match Port 80 and will only match 443 and will not work of course to do what it is supposed to achieve.  What you are trying to achieve overall is you want any Requests sent to Port 80 to be redirected to 443.

[jenni101]

ohh i understand now – got it at last! Thanks.

(PS. thought you might like to know that for some reason i don’t seem to be getting email notifications of replies any more from here – always used to until about the last 3 – 4 weeks; despite confirming that I’ ‘subscribed’ / I’ve got the Notify me of follow-up replies via email box ticked. Not sure of it’s at your site end of my email provider, but other emails getting through OK and not in the spam either.)

[AITpro Admin]

Automated emails are working normally so maybe your web host is now rejecting automated emails from our web host.  We have an ongoing issue with automated emails being rejected by other web hosts due to the automated email headers looking like spam.  There is no possibility of a fixing this or creating a solution, so at some point we will probably get a 3rd party email provider instead of using our web host’s email services.

[Paul]

[Topic has been merged into this relevant Topic]
If i want to redirect my site to https using. Where would i put this, also i currently have redirects from old to new pages, would this then make those redirects void?

RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

[AITpro Admin]

See these 2 replies in this same forum topic for how to add HTTPS/SSL htaccess code to BPS Custom Code:
http://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233
http://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/page/3/#post-23149

If your current redirect code for redirects from old to new pages needs to be changed to match your new site HTTPS/SSL rewrite/redirect code then you will need to update your redirect code to match your new HTTPS/SSL code.

[Author]

Posts