Issues with SSL on EC2 behind ELB with nested WordPress blog - wordpress

I'm migrating my website to AWS and have everything up and running on a Linux EC2 instance using ELB to enable SSL/TLS. Everything works fine (codeigniter, phpbb3, osticket) EXCEPT for issues with the WordPress portion of the site which resides in a subdirectory (e.g. www.mysite.com/blog). Portions of the blog are being accessed via http and therefore I am getting a "mixed content" message. I also get infinitely redirected when attempting to log in to the admin portion of the blog.
In order to get https working, I followed Amazon's instructions and added the recommended code to my httpd.conf file.
However, according to this blog (https://blog.lawrencemcdaniel.com/wordpress-aws-elb-ssl), WordPress doesn't work with that.
AMAZON RECOMMENDED CODE
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule .* https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]
</VirtualHost>
I figured there must be a way to apply the rewrite rule to all but one directory so that I can follow the WordPress specific instructions, but I can't seem to find any information on that. (I could just be a poor searcher!). I am open to any help resolving this matter.
----EDIT----
I have since tried the following (neither worked):
changed rewrite rule in httpd.conf to
RewriteRule !^blog https://%{HTTP_HOST}%{REQUEST_URI} [L,R=permanent]
and added
define('WP_HOME','https://www.example.com/blog');
define('WP_SITEURL','https://www.example.com/blog');
in wp config file.
removed VirtualHost code from httpd.conf file entirely and left WP_HOME and WP_SITEURL in wp config file

Ok. Here is what ended up working for me.
Use the Amazon recommended code in your httpd.conf file
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule .* https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]
</VirtualHost>
Add the following to your wp-config.php file
define('WP_HOME','https://www.yoursitename.com/yourdirectory');
define('WP_SITEURL','https://www.yoursitename.com/yourdirectory');
define('FORCE_SSL_ADMIN', true);
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
$_SERVER['HTTPS'] = 'on';

Related

Redirect a URL to another URL in Lighthouse/Wordpress

Previously I had a website implemented as a single page application on S3, and it had a page pointing to a list of tools. The URL for this list was: example.com/tool/<tool-name>
To expand the features of my website, I redid the DNS so that this old site is now sitting on a subdomain: tools.example.com/tool/<tool-name> (the new site, that is, example.com, is now on Lighthouse/Wordpress).
As there are still a bunch of links around the web referencing URLs in the tool list of the old site, I would like to write a redirect on Bitnami.
I've already asked for help on this and was told to do the following, but the redirect still doesn't seem to work when I go to example.com/tool/<tool-name>:
Modify /opt/bitnami/apps/wordpress/conf/httpd-app.conf by adding the following rule to the bottom of the file:
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/tool/(.*)$
RewriteRule ^(.*)$ https://tools.example.com/tool/$1 [P,L]
sudo /opt/bitnami/ctlscript.sh apache restart
Is this pattern correct, or am I writing to the right file?
EDIT
I changed the redirect code above slightly to reflect feedback in the comments. It is redirecting to https not http and I changed the last bit of code to [P,L] from [R=301,L]
I just tested this change in the Bitnami solution and it worked properly, can you try it?
Remove the changes from the /opt/bitnami/apps/wordpress/conf/httpd-app.conf file
Edit the /opt/bitnami/apache2/conf/bitnami/bitnami.conf file and include the Rewrite* lines the VirtualHost of the port 80
...
<VirtualHost _default_:80>
DocumentRoot "/opt/bitnami/apache2/htdocs"
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/tool/(.*)$
RewriteRule ^(.*)$ http://google.com [P,L]
...
You can also add those lines in the VirtualHost block of the port 443 in the same file.
Restart Apache
sudo /opt/bitnami/ctlscript.sh restart apache
As you can see, in my example, Apache is redirecting to google.com but you can redirect to any URL.

Remove index.php from Wordpress URLs

I am new to Wordpress but tried all documentation and Stack Overflow posts for possible solutions but none of them have worked so far.
I have verified that mod rewrite is enabled and working as expected. Followed all steps mentioned here. https://wordpress.stackexchange.com/questions/105795/remove-index-php-from-permalinks
Also restarted Apache couple of times but still getting 404 errors when I remove index.php path from Permalink Settings.
Renamed the wordpress directory to blog to access the site at www.xyz.com/blog. Now the requirement is to access any blog posts with
www.xyz.com/blog/2018/02/09/my-wp-post without index.php in the URLs.
We don't have any other CMS content other than WP for the blog site.
Permalink settings(Custom Structure):
/index.php/%year%/%monthnum%/%day%/%postname%/
.htaccess file contents:
BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /blog/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /blog/index.php [L]
</IfModule>
I spent ton of time trying many different approaches answered here or elsewhere but none of them fixed my issue.
This is what I did and it has fixed my issue.
Change permalink settings to remove index.php
Update/Save .htaccess content that's at the root of the WP installation if it's not allowed to be updated automatically when we change permalink settings in WP admin panel.
This is the important step since not many Q & A mentioned this in detail, other than wordpress documentation here. Specifically check AllowOverride settings and change it to All, Apache httpd.conf will not load the .htaccess contents without this change. Of course mod_rewrite must be enabled in the server if it's not already done. In our case it's enabled by default, so didn't have to mess with this step.
Also make sure FollowSymLinks option enabled as mentioned in the WP documentation.
Last but not least, make sure you restart the Apache service/server for the changes to take effect.
Entry in httpd.conf file:
<Directory "/var/www/html/blog">
Options FollowSymLinks
AllowOverride All
Assuming Ubuntu 16.04 & Apache2
1) Activate mod_rewrite. It's available but not enabled with a clean Apache 2 installation.
sudo a2enmod rewrite
2) Restart Apache
sudo systemctl restart apache2.service
3) Setup .htaccess
(Note: Apache reccomends using a server configuration file over inserting rules into .htaccess, however, for this example, inserting rules into .htaccess is sufficient because of the negligible performance hit.)
sudo nano /etc/apache2/sites-available/000-default.conf
Insert the following in 000-default.conf
<VirtualHost *:80>
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
4) Restart Apache
Repeat step 2
5) Create .htaccess in the web root.
touch /var/www/html/.htaccess
Insert the following into .htaccess
RewriteEngine On
6 Configure the URL Rewrite (Note: Assuming index.php)
sudo nano /var/www/html/.htaccess
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
mod_rewrite is a useful Apache module that can be used effectively to ensure human-readable URLs and good SEO results. If you'd like to learn more about mod_rewrite, take a look at Apache's mod_rewrite Introduction and Apache's official documentation for mod_rewrite.
In a nutshell, as #Cnu as mentionned, the problem very few resources on the internet touch on is the fact that your apache configuration must contain an AllowOverride FileInfo directive for wordpress rewrites to work without /index.php/.
Since Apache 2.4, AllowOverride default setting is "None", which is often a roadblock in making "pretty urls" work (in this case ditching the index.php). As #cnu mentionned, you should read carefully this resource : https://wordpress.org/support/article/using-permalinks/.
Make sure to have mod_rewrite enabled
-> (to be sure create an info.php you will remove later containing the line <?php phpinfo();?>) at the root of your blog and call https://domainofyourb.log/info.php)
Make sure your .htaccess is writable by wordpress. (permission and ownership should be allowing your webserver (often with the username "apache") to edit the file.
Change your wordpress permalinks settings, and check that .htaccess file is correctly written.
Check that your apache configuration (etc/httpd/conf/httpd.conf in some linux distros) contains the directive AllowOverride FileInfo within your blog's <Directory></Directory> section
Options directive to FollowSymLinks should be the default, but if Options directive is mentionned, add FollowSymLinks for good measure.
when all that is done, don't forget to restart your Apache server. (sudo service httpd restart in my case, ymmv).
P.S : wrote this answer because I can't comment (don't have rep) on cnu's answer, and wanted to correct 1. allowoverride doesn't need to be set to ALL, it can be set to simply "FileInfo", 2. update the link to wordpress doc, and 3. provide background on the change in apache 2.4 that causes this issue.
Go to admin page, Dashboard -> Settings -> Permalink Settings -> Custom Structure, select /%postname%/ or, /%year%/%monthnum%/%day%/%postname%/ up to you.

Solving the WordPress permalink issue on a virtual server

I have a variation on the old WordPress problem regarding permalinks failing (404 errors) when permalinks are set to anything other than 'plain' (where plain = http://example.com/?p=123 and a 'pretty' URL = http://example.com/sample-post/ - taking the URL content from the article title, for example).
For the first time I am starting a site on a virtual rather than dedicated server (Hetzner hosted), where I at least was able to easily read the httpd.conf settings and other server configurations.
To recap here, the problem is that neither WordPress nor the default server settings are usually ready for the URL rewriting that allows 'pretty' URLs out of the box. When confronted with this problem before, on dedicated servers, I would ensure that AllowOverride was set to 'all' or '[directory]' and then would put in an .htaccess file into the web's document root with this traditional solver:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
However this does not work on my Hetzner server. I put in the above code to an .htaccess file, set the permissions correctly and restarted. But the front page still shows links to the article lists, but the articles themselves all still throw that old 404 error.
The only access I have to the core server directives is drip-fed out in sections and radio-buttons etc via Plesk. I can't even open up the httpd settings read only to see how AllowOverride is set. Hetzner consider this a 'software problem', and therefore unsupported.
There is a section in Plesk where you can add additional Apache and Nginx directives (with duplicate boxes for http and https for Apache). I tried this in the Apache boxes and rebooted, but it didn't help (obviously this is not the actual URL I wrote):
<Directory "/var/www/vhosts/example.com/httpdocs/">
AllowOverride All
</Directory>
If anyone has any suggestions as to how I can get the usual rewrite fix in, in these circumstances, it would be much appreciated.
Okay, the problem was an obscure one, as it turned out. The virtual server was running Nginx on top of Apache, and I needed to install a plugin via Plesk which provides an 'ht access translator' for Nginx in Plesk. I pasted the rewrite directives there, they were 'translated' to Nginx-understandable commands, and the problem is solved.

CodeIgniter with Wordpress, https with http, on AWS with Load Balancer, Wordpress permalinks not working

I have the following setup. An Elastic Beanstalk Environment with a Load balancer. The web application, installed in the root, is using CodeIgniter. Wordpress is installed in the subdirectory /blog off the root. The CodeIgniter application requires https, but wordpress needs to be http. The load balancer is configured to listen on https and http, the instances behind the load balancer are http.
My first configuration to manage this is a .ebextensions file in the root. This file is deployed with the application to set a .conf to redirect all http traffic to https EXCEPT /blog. That file looks like this
files:
"/etc/httpd/conf.d/ssl_rewrite.conf":
mode: "000644"
owner: root
group: root
content: |
RewriteEngine On
<If "-n '%{HTTP:X-Forwarded-Proto}' && %{HTTP:X-Forwarded-Proto} != 'https'">
RewriteCond %{REQUEST_URI} !^/blog/
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</If>
The next step in the configuration is an .htaccess file in the root. This controls the CI requests. It looks like this:
<FilesMatch "\.(ttf|otf|eot|woff|woff2|svg)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
</FilesMatch>
RewriteEngine on
RewriteBase /
RewriteCond $1 !^(index\.php|uploads|blog|assets|robots\.txt)
RewriteRule ^(.*)$ /index.php/$1 [L]
Options -Indexes
Finally in the /blog directory containing Wordpress I have this .htaccess
RewriteEngine On
RewriteBase /blog/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /blog/index.php [L]
The CI app works fine, and http requests are sent to https correctly. The /blog root directory itself (i.e. the 'home page' such as http://example.com/blog) also works fine. Even the /blog/subdirectories such as http://example.com/blog/wp-admin/options-general.php work fine. What does not work are permalinks such as http://example.com/blog/my-article (presumably because they are not real files). If I change the permalinks setting to remove the permalinks and allow post urls to look like this http://example.com/blog/?p=123 that also works. Only permalinks do not work.
An additional problem (which should be obvious) is that if anyone tries to access the blog with https directly, they will get a mixed content warning and broken links. So I also need to redirect https://example.com/blog/* back to http.
I am sure this setup is over complicated, and I could remove both .htaccess files and place all my settings in the .ebextensions config file however I am not sure how to do that. I have been piecing together several solutions such as this and this for days and each solution creates another problem.
For anyone going to suggest that Wordpress should be https as well, I am not opposed to that, however I have been down that road for over a week with no good solution that allows me to maintain non-ssl test and development environments that will deploy to AWS properly without messy plugins, files that change in production which I cannot easily port back to test and dev, and host of other https/wordpress problems. The simplest solution seems to be running Wordpress http. I'm also open to another CMS to replace Wordpress. Bottom line is I just want a blog to live under CI on AWS, in https/http, play nice together, and deploy easily.
It should also be noted that in dev and test, everything works fine. The only significant difference between dev and test is the .ebextensions file and the https redirect.
Any help is appreciated.
Take a look on this video:
AWS solution
you need to use the correct header so that does not happend, especially if your load balancer is not using secure connections between the instance and the load balancer

Redirect domain.nl/pages to domain.com/nl/pages

I stopped using domain.com as DocumentRoot for domain.nl as the WPML setup (WordPress Multilingual) with two domains each loading a single language from one DocumentRoot / CMS could not be done by Dreamhost admins and is no longer really condoned by Dreamhost on managed VPS as it requires customization of httpd.conf or working with custom vhosts. This they no longer allow on managed VPS and I understand.
I now work with one domain with the other language (nl) in a subdirectory of the .com domain. All still managed from one WP CMS using WPML
So I now I added a .htaccess to domain.nl with
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain.nl$ [OR]
RewriteCond %{HTTP_HOST} ^domain.com.com$
RewriteRule (.*)$ https://domain.com/nl/$1 [R=301,L]
</IfModule>
I added this to stop customers from seeing 404s for pages like https://domain.nl/category/very-long-post-name/ where they should see https://domain.com/nl/category/very-long-post-name/
I do not see it redirecting yet. It still 404s at https://www.domain.nl/category/very-long-post-name/
Any ideas how I can fix this?
Well for all those who bump into similar issues working with mirroring of domains or using ServerAliasing and or changing of the DocumentRoot (web directory in Dreamhost) to use WordPress with WPML and two domains loading two languages.
Do not forget to do these changes or or undo them for HTTPS as well. Not only for HTTP. In the Dreamhost panel there are two locations under domains > manage domains. One for HTTP and one for HTTPS. Single last column is for HTTPS
For other hosters the places are probably different or you have to do it manually

Resources