Home › Forums › BulletProof Security Pro › WordPress SSL htaccess code – Rewrite SSL, RewriteCond Server Port
Tagged: htaccess SSL, HTTPS, Rewrite SSL, RewriteCond, SSL, SSL Vhost, WordPress SSL, WordPress SSL htaccess code
- This topic has 123 replies, 22 voices, and was last updated 1 year, 3 months ago by nehakakar kakar.
-
AuthorPosts
-
AITpro AdminKeymaster
Yes, see this Reply in this same forum topic > https://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233. Also check your WordPress General Settings (WordPress Address (URL) and Site Address (URL)) to make sure they are correct.
HannahParticipantHi there, I’m having an unusual issue with SSL redirects on a client site that I just migrated to GreenGeeks hosting. It did not previously have SSL, so we wanted to have them install it for us. I had disabled BPS while they installed the SSL cert, and the rewrite code they put at the top of the the default htaccess file was:
RewriteEngine On RewriteCond %{HTTP_HOST} domain\.com [NC] RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://domain.com/$1 [R,L]
That worked fine, http to https and www to non-www, but at the expense of not having any BPS security in htaccess of course.
I can’t seem to save any edits in custom code on any site I have hosted at GreenGeeks, so I have to edit htaccess on the server. To do this, I replaced the default rewrite code in the CUSTOM CODE WP REWRITE LOOP START section. Redirect loop. So I replaced it with the first version you have on the WordPress SSL htaccess Code page here at ait-pro.com, updating successively as I followed the instructions on the page. None of them worked. So I’ve fallen back to the default with the working rewrite code for now, but I wonder if you can tell me if there is something special I need to do at GreenGeeks, or if this is something else non-hosting related that can be remedied easily.
I do have the site set up as https in the WordPress General Settings, and have replaced all non-secure urls with secure ones in the database. No SSL “helper” plugins installed. Just tried running the setup wizard and the redirect loop reoccurred. Returned to the default with GG https rewrite code at the top (before the # BULLETPROOF DEFAULT .HTACCESS line) and it performs as expected.
I know there’s a way to get this to work, but I’m not finding it on my own. I may be doing something wrong in REPLACING the default rewrite rules in the BPS htaccess with the rewrite code provided by GG? Maybe you can clarify that since I’m not sure if my attempts to add it by hand are correct and I don’t have BPS to back me up since Custom Code won’t save.
Thanks for any help you can offer.
PS: I really like GreenGeeks hosting, but it is very annoying to continually get 403 errors when trying to save Custom Code. Is there anything to be done about that?
AITpro AdminKeymaster@ Hannah – The Custom Code not saving problem is caused by Mod Security installed on your web host. Contact your web host support and ask them to either create Mod Security whitelist rules for your website, remove/delete the Mod Security rules causing the problem or disable Mod Security for your website. Once you have fixed the Mod Security problem then you can move forward again.
Mod Security – Common known problems
https://forum.ait-pro.com/forums/topic/mod-security-common-known-problems/jenni101ParticipantHi there,
I’m just changing my site to https (at long last!), with my W/P site sitting in a sub-folder (tpphoto) of the root (GWIOD setup). Also keeping the url as www.
I’ve read through your advice and sample custom code for this, but not 100% sure if I’ve got it right. Please can you check that the code I plan to use in the .htaccess Custom code box 8 is correct for this set-up?
# WP REWRITE LOOP START # Rewrite|Redirect http to https|SSL & non-www to www & site in sub-folder RewriteEngine On RewriteBase /tpphoto/ RewriteCond %{HTTPS} !=on RewriteCond %{SERVER_PORT} ^80 RewriteRule (.*) https://www.mysite.com%{REQUEST_URI} [R=301,L] RewriteRule ^index\.php$ - [L]
Many thanks.
AITpro AdminKeymaster@ jenni101 – Use the Rewrite/Redirect HTTP (non-SSL) to HTTPS (SSL) code below first before trying to use the non-www to www SSL rewrite code. Logically if you have changed your WordPress General settings then the Rewrite from non-www to www should happen automatically. Only use the non-www to www SSL rewrite code if the code below does not work.
# WP REWRITE LOOP START RewriteEngine On RewriteBase /tpphoto/ RewriteCond %{HTTPS} !=on RewriteCond %{SERVER_PORT} ^80 RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] RewriteRule ^index\.php$ - [L]
jenni101Participantmany thanks – so the
{HTTP_HOST}
is now used instead of the actual site url?
AITpro AdminKeymaster@ jenni101 – HTTP_HOST is the entire Host header field. Your WordPress URL settings on the WordPress General Settings page – WordPress Address (URL) and Site Address (URL) – set the Host header field. Site Address (URL) is your actual Host header field. So as long as your Site Address (URL) includes www then if someone types in the non-www URL to your website the internal WordPress database Rewrite should rewrite/redirect to your www URL. You should test typing your non-www URL in your Browser to make sure the rewrite to your www URL works correctly. Another problem that can occur is that you will see a Browser warning about your website not being secure when you type in a non-www URL. That problem is caused by your Browser not being capable of reading the Host in your SSL Certificate. If that problem occurs then you will need to add a DNS CNAME record for either your non-www or www domain in your web host control panel > https://forum.ait-pro.com/forums/topic/ssl-issue/
jenni101Participant@ait-pro – thanks. Understand it better now. And seems to be working fine without the wwwtoo so redirecting as expected, and without security warnings. Phew!
PaulParticipantReading through here, would the option to force all site to https be in here https://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-1737
AITpro AdminKeymaster@ Paul – That particular person was using an HTTPS WordPress plugin, which you don’t need to install/use. As long as you have a valid SSL Certificate then you only need to add the HTTPS/SSL Rewrite htaccess code here > https://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233
PaulParticipantOk great thankyou
brewmaxwellParticipantI just need a place to save images under SSL for creating a paypal site for the client.
They recommend to host the logo for the paypal page on SSl, thats my intention. Not really making anything more secure.AITpro AdminKeymaster@ brewmaxwell – PayPal IPN will only work over SSL. Other benefits of SSL besides security: Faster website page loads, higher page ranking in Google search results and no warning messages from Google about a website not being secure. You can get free SSL Certificates from Let’s Encrypt > https://letsencrypt.org/. If you have cPanel hosting you can install the Free SSL Certificate Plugin for WordPress > https://wordpress.org/plugins/auto-install-free-ssl/. This plugin will automatically renew SSL Certificate’s.
So since it is free and easy to get an SSL Certificate then that is the best route to go instead of trying to do some sort of 3rd party logo image hosting.
verysinghParticipantThe sub folders will follow their parent folders’ htaccess AS LONG as the subfolder contains NO own htaccess ? Did I get You right? Andre
AITpro AdminKeymaster@ verysingh – Yes, that is correct. Another possible scenario could be that a subfolder htaccess file contains htaccess code that does something different than a parent htaccess file. In that case, rules from the parent htaccess file would be applied to the subfolder AND unique htaccess rules in the subfolder htaccess file would ALSO be applied to the subfolder. This forum topic contains additional help info about htaccess file hierarchy > https://forum.ait-pro.com/forums/topic/htaccess-files-for-multiple-website-domains/
-
AuthorPosts
- You must be logged in to reply to this topic.