All geek questions in one place

Submit WWW, but force https throughout wordpress and the whole domain

I am having some problems with several installations of wordpress and .htaccess rewrite rules, mainly to force https, but also to remove www. from any area.

Domains / Subdomains:

  • Wordpress 1: examplewebsite.com ( /home/hostingacc/public_html/ )
  • Wordpress 2: test.examplewebsite.com ( /home/hostingacc/public_html/test/ )
  • Wordpress 3: moretests.examplewebsite.com ( /home/hostingacc/public_html/moretests )

.htaccess Rewrites

I tried to use several rewrite rules that I found on the Internet, I donโ€™t know which one is the best to use, but the following are the basic rewrite rules that I used

 RewriteEngine On RewriteCond %{HTTP_HOST}#%{HTTPS}s ^www\.([^#]+)#(?:off|on(s)) [NC] RewriteRule ^ http%2://%1%{REQUEST_URI} [R=301,L]

What I got from https://github.com/h5bp/server-configs-apache/issues/48 , but as mentioned earlier, one of them may be better suited for FORCING HTTPS and DO NOT REMOVE WWW

 RewriteEngine On RewriteCond %{SERVER_PORT} 80 [OR] RewriteCond %{HTTP_HOST} ^www.examplewebsite.com RewriteRule ^(.*)$ https://examplewebsite.com/$1 [L,R=301]

or

 RewriteEngine On RewriteCond %{HTTPS} !=on [OR] RewriteCond %{HTTP_HOST} !^examplewebsite\.com$ [NC] RewriteRule ^ https://examplewebsite.com%{REQUEST_URI} [R=301,L]

or

 RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] RewriteCond %{HTTP_HOST} ^www*\.(.*examplewebsite\.com)$ [NC] RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]

or

 RewriteEngine On RewriteCond %{HTTP_HOST} ^www*\.(.*examplewebsite\.com)$ [NC] RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L] RewriteCond %{HTTPS} !=on RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

All of the above rules seem to work with respect to forcing https and removing www in the main wordpress installation, but the rules do not currently apply to subdomains or sub-categories /wp-admin/ for each of the wordpress installations, I assume this is because in each of these directories has a .htaccess file.

Edition Edition

  • examplewebsite.com (the main site) correctly always forcibly uses https, and is also forced to delete www. BUT ... the problem is on examplewebsite.com/wp-admin/, which still correctly forces https (either by the rule or using the wp-config.php force ssl command, but doesnโ€™t force www to be removed. For some reason, I guess because I have the following .htaccess file located under the / wp -admin / folder, so it seems to me that I need a rule for htaccess in this folder to force the removal of www. and also force https.

  • test.examplewebsite.com and moretests.examplewebsite.com (subdomains) have a problem when it does NOT force https, and it also does NOT force www to be removed.

  • test.examplewebsite.com and moretests.examplewebsite.com (subdomains) also have the same problem as the first / wp-admin / do not forcibly delete www.

  • If I go into settings or SQL for my subdomains or even edit wp-config.php to override SQL and change the website URL and home url to have https and not have www. (https causes this problem), then wordpress installations become unusable, they disappear and visit links to subdomains, redirects / loads the main website instead

Configuration

  • examplewebsite.com - Current .htaccess files

Homepage: http://pastebin.com/raw/9RNuQZS5
WP Admin: http://pastebin.com/raw/8vVnDTRx

  • examplewebsite.com - SQL Variables

Site URL (Home): https://www.examplewebsite.com
Wordpress URL: https://www.examplewebsite.com

  • examplewebsite.com - WP Config (overrides SQL)

Config:

 define('FORCE_SSL_ADMIN', true); define('FORCE_SSL_LOGIN', true); define('WP_HOME','https://examplewebsite.com'); define('WP_SITEURL','https://examplewebsite.com'); define('DOMAIN_CURRENT_SITE', 'examplewebsite.com' ); define('COOKIE_DOMAIN', 'examplewebsite.com' ); define('ADMIN_COOKIE_PATH', '/wp-admin/');
  • test.examplewebsite.com and moretests.examplewebsite.com

The subdomains are all configured as shown below, however wp-config is not currently being applied, as forced https causes issue 4.

.Htaccess files are 99% identical to the files on the main domain / site, except that there are no custom wp rewrite loop code rules (redirect from www to non-www and redirect http to https)

  • test.examplewebsite.com and moretests.examplewebsite.com - SQL variables

Site URL (Home): http://test.examplewebsite.com
Wordpress URL: http://test.examplewebsite.com

  • test.examplewebsite.com and moretests.examplewebsite.com - WP Config (overrides SQL)

Config:

 define('FORCE_SSL_ADMIN', true); define('FORCE_SSL_LOGIN', true); define('WP_HOME','https://test.examplewebsite.com'); define('WP_SITEURL','https://test.examplewebsite.com'); define('DOMAIN_CURRENT_SITE', 'test.examplewebsite.com' ); define('COOKIE_DOMAIN', 'test.examplewebsite.com' ); define('ADMIN_COOKIE_PATH', '/wp-admin/');

The setting above causes the same problem as the SQL change (issue 4)

+5
source share
1 answer

steps to check (I just illustrate for one site):

  • ping www.examplewebsite.com expected result: you should see the ip address of your site.
  • ping examplewebsite.com expected result: you should see the ip address of your site.
  • go to https://examplewebsite.com to make sure you can site

  • Add the following as the start of your CUSTOM CODE WP REWRITE LOOP START in the .htaccess root directory:

     # CUSTOM CODE WP REWRITE LOOP START # WP REWRITE LOOP START RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://examplewebsite.com/$1 [R,L] RewriteBase / RewriteRule ^index\.php$ - [L]

    above, to ensure that all non-ssl access to ssl is redirected, rename all non-ssl access to the site on examplewebsite.com, now you should redirect to https://examplewebsite.com if you type http: // www. examplewebsite.com or http://examplewebsite.com in a browser

  • The last part contains your wp-config.php file to include the following:

     define('WP_HOME','https://examplewebsite.com'); define('WP_SITEURL','https://examplewebsite.com'); define('DOMAIN_CURRENT_SITE', 'examplewebsite.com' ); define('COOKIE_DOMAIN', 'examplewebsite.com' ); define('ADMIN_COOKIE_PATH', '/wp-admin/');

    this part is designed to provide even ssl access to your www.examplewebsite.com

because you have a complete site, accessible only as ssl access, so the following is not required in your wp-config.php file:

 define('FORCE_SSL_ADMIN', true); define('FORCE_SSL_LOGIN', true);
0
source

Source: https://habr.com/ru/post/1238886/

More articles:


All Articles