WordPress SSL htaccess code – Rewrite SSL, RewriteCond Server Port

Home Forums BulletProof Security Pro WordPress SSL htaccess code – Rewrite SSL, RewriteCond Server Port

Viewing 15 posts - 91 through 105 (of 124 total)
  • Author
    Posts
  • #31814
    AITpro Admin
    Keymaster

    @ carsafety – Maybe there is a problem with using the www to non-www rewrite code since it looks like you were not using the www subdomain previously.  Try this code instead.  Also the code your host and simple ssl is using is pretty much the exact same code.

    # WP REWRITE LOOP START
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTPS} !=on
    RewriteCond %{SERVER_PORT} ^80
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
    RewriteRule ^index\.php$ - [L]
    #31823
    carsafety
    Participant

    Thanks!  I’ve learned not to mess with even the tiniest differences in rewrite scripts.  I’m not a coder and I’ve gotten myself stuck into loops before lol.

    The redirects are working correctly now, but that still didn’t solve the issue with certain pages not redirecting their internal URL and image URL links to https.  The vast majority worked as expected.  For some reason, the Really Simple SSL plugin resolved this issue.  I’m stumped as to why, as the links look exactly like they do on any other working page.  For now I’ll suffer with the overhead the extra plugin causes, and perhaps look into it further in the future.  I know this isn’t likely an issue with BPS Pro but if you’ve got mixed content images or scripts the Really Simple plugin goes a step beyond just changing your URL settings and adding the necessary rewrite code.

    #31824
    AITpro Admin
    Keymaster

    @ carsafety – Yep, we had to do a lot of additional things on this forum site when we switched from http to https.  That is a standard thing when switching a site that was previously http to https.  See the IMPORTANT NOTES, Recommendation and Additional Stuff Checklist help sections in this link for other things that may need to be changed:  https://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233  If you prefer to have the Really Simple SSL plugin handle any issues/problems dynamically instead of permanently fixing/correcting those issues/problems then that is fine too.  😉

    #32934
    protection
    Participant

    This is excellent documentation. The only other thing I’d add is to be mindful of any files/scripts that are external to WordPress. For example, I have a folder on my root called ‘external’ which had some hardcoded URLs containing http. I renamed them to https and all was well.

    #33140
    AW
    Participant

    Hi Bps,

    I migrated from http to https.

    By the way,
    The website is :
    https://pinnaclefc.com

    I did as follow:
    STEP ONE

    Copy below to CUSTOM CODE WP REWRITE LOOP START

    # WP REWRITE LOOP START
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTPS} !=on
    RewriteCond %{SERVER_PORT} ^80
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
    RewriteRule ^index\.php$ - [L]
    

    I am running WP Fastest Cache, the previous CODE as below

    # BEGIN WpFastestCache
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_HOST} ^www.pinnaclefc.com [NC]
    RewriteRule ^(.*)$ http\:\/\/pinnaclefc\.com\/$1 [R=301,L]
    # Start WPFC Exclude
    # End WPFC Exclude
    RewriteCond %{HTTP_HOST} ^pinnaclefc.com
    RewriteCond %{HTTP_USER_AGENT} !(facebookexternalhit|WhatsApp|Mediatoolkitbot)
    RewriteCond %{REQUEST_METHOD} !POST
    RewriteCond %{HTTPS} !=on
    RewriteCond %{REQUEST_URI} !(\/){2}$
    RewriteCond %{REQUEST_URI} \/$
    RewriteCond %{QUERY_STRING} !.+
    RewriteCond %{HTTP:Cookie} !comment_author_
    RewriteCond %{HTTP:Cookie} !wp_woocommerce_session
    RewriteCond %{HTTP:Cookie} !safirmobilswitcher=mobil
    RewriteCond %{HTTP:Profile} !^[a-z0-9\"]+ [NC]
    RewriteCond %{DOCUMENT_ROOT}/wp-content/cache/all/$1/index.html -f [or]
    RewriteCond /home/sabaubew/pinnaclefc.com/wp-content/cache/all/$1/index.html -f
    RewriteRule ^(.*) "/wp-content/cache/all/$1/index.html" [L]
    </IfModule>
    <FilesMatch "index\.(html|htm)$">
    AddDefaultCharset UTF-8
    <ifModule mod_headers.c>
    FileETag None
    Header unset ETag
    Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
    Header set Pragma "no-cache"
    Header set Expires "Mon, 29 Oct 1923 20:30:00 GMT"
    </ifModule>
    </FilesMatch>
    # END WpFastestCache
    # BEGIN GzipWpFastestCache
    <IfModule mod_deflate.c>
    AddType x-font/woff .woff
    AddOutputFilterByType DEFLATE image/svg+xml
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE text/javascript
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
    AddOutputFilterByType DEFLATE application/x-font-ttf
    AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
    AddOutputFilterByType DEFLATE font/opentype font/ttf font/eot font/otf
    </IfModule>
    # END GzipWpFastestCache
    # BEGIN LBCWpFastestCache
    <FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|webp|js|css|swf|x-html|css|xml|js|woff|woff2|ttf|svg|eot)(\.gz)?$">
    <IfModule mod_expires.c>
    AddType application/font-woff2 .woff2
    ExpiresActive On
    ExpiresDefault A0
    ExpiresByType image/webp A2592000
    ExpiresByType image/gif A2592000
    ExpiresByType image/png A2592000
    ExpiresByType image/jpg A2592000
    ExpiresByType image/jpeg A2592000
    ExpiresByType image/ico A2592000
    ExpiresByType image/svg+xml A2592000
    ExpiresByType text/css A2592000
    ExpiresByType text/javascript A2592000
    ExpiresByType application/javascript A2592000
    ExpiresByType application/x-javascript A2592000
    ExpiresByType application/font-woff2 A2592000
    </IfModule>
    <IfModule mod_headers.c>
    Header set Expires "max-age=2592000, public"
    Header unset ETag
    Header set Connection keep-alive
    FileETag None
    </IfModule>
    </FilesMatch>
    # END LBCWpFastestCache

    I just updated the WP Fastest Cache settings and it is as below :

    # BEGIN WpFastestCache
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTPS} =on
    RewriteCond %{HTTP_HOST} ^pinnaclefc.com
    # Start WPFC Exclude
    # End WPFC Exclude
    RewriteCond %{HTTP_HOST} ^pinnaclefc.com
    RewriteCond %{HTTP_USER_AGENT} !(facebookexternalhit|WhatsApp|Mediatoolkitbot)
    RewriteCond %{REQUEST_METHOD} !POST
    RewriteCond %{REQUEST_URI} !(\/){2}$
    RewriteCond %{REQUEST_URI} \/$
    RewriteCond %{QUERY_STRING} !.+
    RewriteCond %{HTTP:Cookie} !comment_author_
    RewriteCond %{HTTP:Cookie} !wp_woocommerce_session
    RewriteCond %{HTTP:Cookie} !safirmobilswitcher=mobil
    RewriteCond %{HTTP:Profile} !^[a-z0-9\"]+ [NC]
    RewriteCond %{DOCUMENT_ROOT}/wp-content/cache/all/$1/index.html -f [or]
    RewriteCond /home/sabaubew/pinnaclefc.com/wp-content/cache/all/$1/index.html -f
    RewriteRule ^(.*) "/wp-content/cache/all/$1/index.html" [L]
    </IfModule>
    <FilesMatch "index\.(html|htm)$">
    AddDefaultCharset UTF-8
    <ifModule mod_headers.c>
    FileETag None
    Header unset ETag
    Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
    Header set Pragma "no-cache"
    Header set Expires "Mon, 29 Oct 1923 20:30:00 GMT"
    </ifModule>
    </FilesMatch>
    # END WpFastestCache
    # BEGIN GzipWpFastestCache
    <IfModule mod_deflate.c>
    AddType x-font/woff .woff
    AddOutputFilterByType DEFLATE image/svg+xml
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE text/javascript
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
    AddOutputFilterByType DEFLATE application/x-font-ttf
    AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
    AddOutputFilterByType DEFLATE font/opentype font/ttf font/eot font/otf
    </IfModule>
    # END GzipWpFastestCache
    # BULLETPROOF PRO 12.7 SECURE .HTACCESS
    # CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE
    # BEGIN LBCWpFastestCache
    <FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|webp|js|css|swf|x-html|css|xml|js|woff|woff2|ttf|svg|eot)(\.gz)?$">
    <IfModule mod_expires.c>
    AddType application/font-woff2 .woff2
    ExpiresActive On
    ExpiresDefault A0
    ExpiresByType image/webp A2592000
    ExpiresByType image/gif A2592000
    ExpiresByType image/png A2592000
    ExpiresByType image/jpg A2592000
    ExpiresByType image/jpeg A2592000
    ExpiresByType image/ico A2592000
    ExpiresByType image/svg+xml A2592000
    ExpiresByType text/css A2592000
    ExpiresByType text/javascript A2592000
    ExpiresByType application/javascript A2592000
    ExpiresByType application/x-javascript A2592000
    ExpiresByType application/font-woff2 A2592000
    </IfModule>
    <IfModule mod_headers.c>
    Header set Expires "max-age=2592000, public"
    Header unset ETag
    Header set Connection keep-alive
    FileETag None
    </IfModule>
    </FilesMatch>
    # END LBCWpFastestCache

    ISSUE, I try to update the Updated Wp Fastes Cache on the Custom Code > Custom Code Top PHP with below updated cache:

    # BEGIN WpFastestCache
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTPS} =on
    RewriteCond %{HTTP_HOST} ^pinnaclefc.com
    # Start WPFC Exclude
    # End WPFC Exclude
    RewriteCond %{HTTP_HOST} ^pinnaclefc.com
    RewriteCond %{HTTP_USER_AGENT} !(facebookexternalhit|WhatsApp|Mediatoolkitbot)
    RewriteCond %{REQUEST_METHOD} !POST
    RewriteCond %{REQUEST_URI} !(\/){2}$
    RewriteCond %{REQUEST_URI} \/$
    RewriteCond %{QUERY_STRING} !.+
    RewriteCond %{HTTP:Cookie} !comment_author_
    RewriteCond %{HTTP:Cookie} !wp_woocommerce_session
    RewriteCond %{HTTP:Cookie} !safirmobilswitcher=mobil
    RewriteCond %{HTTP:Profile} !^[a-z0-9\"]+ [NC]
    RewriteCond %{DOCUMENT_ROOT}/wp-content/cache/all/$1/index.html -f [or]
    RewriteCond /home/sabaubew/pinnaclefc.com/wp-content/cache/all/$1/index.html -f
    RewriteRule ^(.*) "/wp-content/cache/all/$1/index.html" [L]
    </IfModule>
    <FilesMatch "index\.(html|htm)$">
    AddDefaultCharset UTF-8
    <ifModule mod_headers.c>
    FileETag None
    Header unset ETag
    Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
    Header set Pragma "no-cache"
    Header set Expires "Mon, 29 Oct 1923 20:30:00 GMT"
    </ifModule>
    </FilesMatch>
    # END WpFastestCache
    # BEGIN GzipWpFastestCache
    <IfModule mod_deflate.c>
    AddType x-font/woff .woff
    AddOutputFilterByType DEFLATE image/svg+xml
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE text/javascript
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
    AddOutputFilterByType DEFLATE application/x-font-ttf
    AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
    AddOutputFilterByType DEFLATE font/opentype font/ttf font/eot font/otf
    </IfModule>
    # END GzipWpFastestCache
    # BULLETPROOF PRO 12.7 SECURE .HTACCESS
    
    # CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE
    # BEGIN LBCWpFastestCache
    <FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|webp|js|css|swf|x-html|css|xml|js|woff|woff2|ttf|svg|eot)(\.gz)?$">
    <IfModule mod_expires.c>
    AddType application/font-woff2 .woff2
    ExpiresActive On
    ExpiresDefault A0
    ExpiresByType image/webp A2592000
    ExpiresByType image/gif A2592000
    ExpiresByType image/png A2592000
    ExpiresByType image/jpg A2592000
    ExpiresByType image/jpeg A2592000
    ExpiresByType image/ico A2592000
    ExpiresByType image/svg+xml A2592000
    ExpiresByType text/css A2592000
    ExpiresByType text/javascript A2592000
    ExpiresByType application/javascript A2592000
    ExpiresByType application/x-javascript A2592000
    ExpiresByType application/font-woff2 A2592000
    </IfModule>
    <IfModule mod_headers.c>
    Header set Expires "max-age=2592000, public"
    Header unset ETag
    Header set Connection keep-alive
    FileETag None
    </IfModule>
    </FilesMatch>
    # END LBCWpFastestCache

    However, when i click save, it shows not allow  and error 403.
    Please advise.
    Regards,
    Alex

    #33145
    AITpro Admin
    Keymaster

    AW – The mistake you are making is trying to combine redundant code together which will most likely cause unecessary problems or worse.  Either cancel out what you orginally intended to do and instead only combine relevant code together. You can of course combine your additional code into the existing BPS Speed Boost cache code or you can pick the base code that you want to use and then use parts of any other code that you want to use.  Note: The 403 error on Custom Code save was caused by invalid custom htaccess code.

    Example:

    # BEGIN WEBSITE SPEED BOOST
    # Time cheat sheet in seconds
    # A86400 = 1 day
    # A172800 = 2 days
    # A2419200 = 1 month
    # A4838400 = 2 months
    # A29030400 = 1 year
    
    # Test which ETag setting works best on your Host/Server/Website
    # with Firefox Firebug, Firephp and Yslow benchmark tests.
    
    # Create the ETag (entity tag) response header field
    # This is probably not the optimum choice to use.
    #FileETag MTime Size
    
    # Remove the ETag (entity tag) response header field
    # This is most likely the optimum choice to use.
    Header unset ETag
    FileETag none
    
    <IfModule mod_expires.c>
    ExpiresActive on
    # ExpiresByType overrides the ExpiresDefault...
    # cache expiration time of 2 days|A172800.
    ExpiresDefault A172800
    ExpiresByType image/jpg A4838400
    ExpiresByType image/jpeg A4838400
    ExpiresByType image/gif A4838400
    ExpiresByType image/png A4838400
    ExpiresByType image/bmp A4838400
    ExpiresByType image/x-icon A4838400
    ExpiresByType image/svg+xml A4838400
    ExpiresByType text/javascript A4838400
    ExpiresByType text/x-javascript A4838400 
    ExpiresByType text/css A4838400
    ExpiresByType text/html A4838400
    ExpiresByType application/x-font-ttf A4838400
    ExpiresByType application/x-font-woff A4838400
    ExpiresByType font/opentype A4838400
    ExpiresByType application/x-shockwave-flash A4838400
    ExpiresByType application/x-javascript A4838400
    ExpiresByType application/javascript A4838400
    ExpiresByType video/mp4 A4838400
    ExpiresByType video/ogg A4838400
    ExpiresByType video/webm A4838400
    </IfModule>
    
    <IfModule mod_headers.c>
    <FilesMatch "\.(js|css|flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav|gif|jpg|jpeg|png|swf|webm)$">
    Header append Cache-Control "public"
    </FilesMatch>
    <FilesMatch "\.(txt|html)$">
    Header append Cache-Control "proxy-revalidate"
    </FilesMatch>
    <FilesMatch "\.(php|cgi|pl|htm|xml)$">
    Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform"
    Header set Pragma "no-cache"
    #33377
    AITpro Admin
    Keymaster

    Email Question:

    Hello,

    I recently added a UCC SSL certificate to enable HTTPS on 5 GoDaddy Managed WordPress websites. Each site has several 301 redirects added to the very bottom of the .htaccess file (bottom CUSTOM CODE box). When I’m logged into the WP backend and try to visit one of the redirects, the 443 port gets inserted into the redirected URL. As an example, here is one of my redirects: Redirect 301 /test1 /links

    So, when I go http://example.com/test1 or https://example.com/test1, I get redirected to http://example.com:443/links and see the following error message(s):

    With Cloudflare enabled: 400 Bad Request — The plain HTTP request was sent to HTTPS port
    With Cloudflare disabled: This page isn’t working — a-course-in-miracles.org didn’t send any data. — ERR_EMPTY_RESPONSE
    In the “CUSTOM CODE WP REWRITE LOOP START” .htaccess box, I have the standard code to redirect HTTP to HTTPS:

    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTPS} !=on
    RewriteCond %{SERVER_PORT} ^80
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
    RewriteRule ^index\.php$ - [L]

    I’m not sure why the issue only occurs when logged in. I’ve found a couple posts about this, but no solutions:
    https://stackoverflow.com/a/35900318 (the suggested solution did not work for me)
    https://stackoverflow.com/q/42403534

    Do you have idea how to handle this?

    Answered and resolved by Go Daddy Managed WordPress hosting technical support:
    Hello,

    A quick follow-up. The following .htaccess code from GoDaddy has seemed to resolve (or bypass) the issue. I’ve replaced the standard HTTP > HTTPS redirect code (in the “CUSTOM CODE WP REWRITE LOOP START” box) with this new code.

    RewriteCond %{HTTPS} !=on
    RewriteCond %{HTTP_USER_AGENT} ^(.+)$
    RewriteCond %{SERVER_NAME} ^a\-course\-in\-miracles\.org$
    RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
    Header add Strict-Transport-Security "max-age=300"
    #36511
    Thomas
    Participant

    Before coming across this help file I edited the .htaccess file through a file manager to add a rewrite, but BPS quarantined the file. So I found this thread and I pasted the following code under “Custom Code > Root Access Custom Code > CUSTOM CODE WP REWRITE LOOP START:”

    At first I copied the entire text from # WP REWRITE LOOP START to # WP REWRITE LOOP END and edited it as that’s what it says to do in the box next to it.
    I got the following error:

    403 Forbidden Error Page

    If you arrived here due to a search or clicking on a link click your Browser’s back button to return to the previous page. Thank you.

    IP Address: xxxxxxxxxx

    So I just placed this:

    # WP REWRITE LOOP START
    # Rewrite|Redirect http to https|SSL & non-www to www
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTPS} !=on
    RewriteCond %{SERVER_PORT} ^80
    RewriteCond %{HTTP_HOST} ^domain\.com\.au$ [NC]
    RewriteRule (.*) https://www.domain.com.au%{REQUEST_URI} [R=301,L]
    RewriteRule ^index\.php$ - [L]

    (with my domain in place of “domain”)

    and get the same error:

    403 Forbidden Error Page

    If you arrived here due to a search or clicking on a link click your Browser’s back button to return to the previous page. Thank you.

    IP Address: xxxxxxxxxx

    My hosting provider help files says to use:

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    

    I tried this too, but I still get the same error.

    I am not sure that this has something to do with the quarantine that I caused at the start or what it is.

    My WordPress Settings > General Settings > WordPress Address (URL) & Site Address (URL) are both set to https://domain.com.au as I already had the SSL installed before installing WordPress.

    I clicked on “unlock htaccess file”, refreshed the page, and tried pasting in the code again but still no joy.

    I tried it without

    RewriteCond %{SERVER_PORT} ^80

    like this:

    # WP REWRITE LOOP START
    # Rewrite|Redirect http to https|SSL & non-www to www
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTPS} !=on
    RewriteCond %{HTTP_HOST} ^domain\.com\.au$ [NC]
    RewriteRule (.*) https://www.domain.com.au%{REQUEST_URI} [R=301,L]
    RewriteRule ^index\.php$ - [L]

    But I still get the same error.

    403 Forbidden Error Page

    If you arrived here due to a search or clicking on a link click your Browser’s back button to return to the previous page. Thank you.

    IP Address: xxxxxxxxxx

    Any ideas what I am doing wrong?

    #36513
    AITpro Admin
    Keymaster

    @ Thomas – The 403 Forbidden errors are being caused by Mod Security in your web host control panel.  See this forum topic for how to proceed > https://forum.ait-pro.com/forums/topic/mod-security-common-known-problems/

    #36528
    Thomas
    Participant

    Thank you @keymaster.

    My hosting provider was able to find the modsec rule and temporarily unset it for me to update the .htaccess file via BPS Pro.

    #36545
    Thomas
    Participant

    My site is still not automatically loading https:// at the root directory unless I have already visited the site. A browser’s first visit still shows the warning that the site has no security.

    The B-Core ~ Htaccess Core Security tab shows me that the secure.htaccess  file starts with

    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTPS} !=on
    RewriteCond %{HTTP_HOST} ^domain\.com\.au$ [NC]
    RewriteRule (.*) https://www.domain.com.au%{REQUEST_URI} [R=301,L]
    RewriteRule ^index\.php$ - [L]
    

    Shouldn’t the tab with “Your Current Root htaccess File” have this code?

    #36546
    AITpro Admin
    Keymaster

    @ Thomas – That sounds like a caching problem.  Are you using a caching plugin and/or CDN and/or Cloudflare or server-side caching?

    #36547
    Thomas
    Participant

    I am using Jetpack by WordPress’ CDN to serve images.

    #36548
    AITpro Admin
    Keymaster

    EDIT|UPDATE: The problem was caused by missing a step in BPS Custom Code steps and Thomas has confirmed that the problem is now resolved.

    @ Thomas – I just noticed this statement you made in your previous forum Reply > “The B-Core ~ Htaccess Core Security tab shows me that the secure.htaccess file starts with”.  It sounds like the problem may be that you have added/saved the HTTPS/SSL htaccess code in the wrong place in BPS Custom Code or the BPS Pro htaccess File Editor.  The HTTPS/SSL rewrite code needs to be saved in this BPS Root Custom Code text box:  8. CUSTOM CODE WP REWRITE LOOP START. If you hvae 2 htaccess Rewrite sections of code in your Root htaccess file then that would explain why your website is rewriting URL’s twice.

    https://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233

    1. Copy whichever .htaccess SSL/HTTPS code below (there are 3 different variations depending on what you would like to do)  that you want to use to this BPS Root Custom Code text box: 8. CUSTOM CODE WP REWRITE LOOP START
    2. Click the Save Root Custom Code button.
    3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.

    #36690
    Paul
    Participant

    ATI, Currently i have my http://www. site redirected in htaccess to my https://www. site
    Is there a way to do this plus redirect http:// and https:// (the non www. versions all to my https://www. site?

Viewing 15 posts - 91 through 105 (of 124 total)
  • You must be logged in to reply to this topic.