.htaccess rule to force SSL on only certain domains - wordpress

I'm running a WordPress multisite network that allows users to optionally use a custom domain name on their websites. Users that opt not to use a custom domain are assigned a subdomain of the WP install (e.g.: fred.example.com, with example.com being the URL the WP multisite network is installed on).
I have a wildcard SSL configured for the main domain, but I do not have certificates available for custom domain names.
What I need is a htaccess rule to force traffic to https if the request is for either example.com or *.example.com, but not if the request is coming in using a custom domain.
It should work as follows:
http://example.com/* → https://example.com/*
http://foo.example.com/* → https://foo.example.com/*
http://customdomain.com/* → http://customdomain.com/*

Try something like the following near the top of your .htaccess file. Using mod_rewrite:
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteCond %{HTTP_HOST} ^(?:[a-z0-9-]+\.)?example\.com
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
What this says is... For all requests that are not HTTPS and that match example.com or <subdomain>.example.com then redirect to https:// on the same host, same URL-path.
Note that this doesn't allow www.<subdomain>.example.com (which I assume your SSL cert does not cover anyway).
Change the 302 (temporary) to 301 (permanent) only when you are sure it's working OK.

Related

Editing htaccess file to redirect only content + Wordpress

I have created a subfolder in my webserver and installed wordpress there, it's working ok. And now i have created several subdomains. I need to show pages made in the wordpress installation in those subdomains but without changing the addess shown in the web browser address bar.
Options +FollowSymLinks
RewriteEngine on
RewriteOptions inherit
RewriteBase /
RewriteCond %{HTTP_HOST} ^sub.example.com$ [NC]
RewriteRule ^(.*)$ https://example.com/WPweb/index.php/pagetobeshown [R=301,NC,L,QSA]
with this i am being redirected and content is shown ok, but the address bar is changed.
is it possible to fix this so that address is not changed?
thanks in advance
To do this in .htaccess you would need to configure your server as a reverse proxy and proxy the request from the subdomain to the URL on the main domain. WordPress will then see this as a request for the main domain.
However, this does require some configuration in your server config to ensure the appropriate modules are loaded (mod_proxy, mod_proxy_http, etc.) and optionally to set ProxyPassReverse if WordPress should issue any redirects.
You can then use the P flag with mod_rewrite's RewriteRule to send the request through mod_proxy. For example:
RewriteCond %{HTTP_HOST} ^sub\.example\.com
RewriteRule ^$ https://example.com/WPweb/index.php/pagetobeshown [P]
This sends requests for https://sub.example.com/ only (ie. the document root of the subdomain) to the URL as stated. The NC, QSA and L flags are not required.
If you want to send any URL-path (as implied by your RewriteRule directive) to the URL on the target site then change the RewriteRule pattern from ^$ to ^ (simply remove the $). However, this many-to-one relationship is not necessarily good for SEO.
You will still need to modify the rel="canonical" link elements in the page to the appropriate URL in WordPress itself.
However, I'm sure there is a better, more WordPress-specific way to solve this. But WordPress would need to be configured to accept requests to the subdomain and the alternative URL-path.

How to redirect https to http in Wordpress

I want to redirect my WordPress site from https to http, because the SSL certificate is expired. I've asked my host (strato) to extend the certificate, but they haven't fix it yet.
What I tried:
changed the site url
Installed plugin to force http
Deactivate all related SSl plugins
Does someone have a solution?
Try This Code,
Redirect from HTTPS to HTTP:
You want to redirect particular website to be opened through HTTP instead of HTTPS. To do so you can add the following directives in your website's .htaccess file:
# Redirect HTTPS to HTTP
RewriteCond %{HTTP:X-Forwarded-Proto} =https
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Unable to load my website subpages after creating ssl certificates without https subpages are opening normally

My web site was working fine via http with postname option in Permalink. Recently I have activated https (i.e. ssl) for my website. After that only home page is working, sub pages are not working. For default Permalink settings https is working. I have purchased wild card ssl certificates from godaddy, they have given me 2crt files. One starts with b811adugdfdfd.crt and another is gd_bundle-g2-g1.crt. I have uploaded both certificates in apache server and a key file. am I doing any mistake?? Website landing page is working with https but not subpages. Thanks in advance. Is the issue with SSL, or .htaceess or permalinks?
If your using "apache" Add directory Permission in SSL configuration of apache
//Directory /var/www/html/demoproject/public //
AllowOverride All
Require all granted
//Directory//
Here are a few quick checks that might help (If your SSL settings are all fine):
Make sure that under General Settings Page you have changed the site address URLs from http://domainname.com to https://domainname.com.
Try to check pages by forcing it to SSL with the help of a plugin WordPress HTTPS.
Write this code in your .htaccess file
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

duplicate pages HTTP and HTTPS in wordpress

When my site is crawled it comes up with duplicate pages one being HTTP and the other HTTPS and have no idea how to fix the issue in wordpress any ideas.
You have to force users to use either HTTP or HTTPS, but not both if you want nice clean search results. The Force SSL Everywhere plugin ( http://wordpress.org/plugins/force-ssl-everywhere/ ) should force SSL to be used no matter what.
On this note you should do also the same with subdomains. You should all redirect users who request www.yourdomain.com to yourdomain.com or vice-versa or to whatever the Wordpress site_url is set to so that there is no ambiguity between the naked domain and the www subdomain.
Have a look here on serving a different robots.txt file via HTTPS.
http://www.webmasterworld.com/google/3411545.htm
It seems that the solution for your problem is setting a proper redirection of HTTP to HTTPS urls. For this you need to add a few lines to your .htaccess code.
If you are having Apace or LiteSpeed hosting try the one below
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
For Nginx type hosting
server {
listen 80;
server_name yourdomain.com www.yourdomain.com;
return 301 https://www.yourdomain.com$request_uri;
}
If you still didn't get it right I recommend to read Move WordPress Website from HTTP to HTTPS \ SSL | Guide

htaccess redirect a subdomain of a wordpress network site to a page

I am currently running a subdomain WordPress Network at domain1.org. One of the subdomain sites is domain mapped to domain2.org. I am trying to add a subdomain to domain2.org that will appear as sample.domain2.org. The problem is that the domain2 is pointed to domain1. We don't use wildcards, we manually edit the DNS for each subdomain site (server admin rule). Tried a redirect rule like Redirect 301 http://friend.episode13.org/ http://episode13.org/friend/
Thoughts?
You need to setup a vhost for friend.episode13.org, and in that vhost redirect to http://episode13.org/friend/:
Redirect 301 / http://episode13.org/friend/
Otherwise, you can try using mod_rewrite and in the vhost (or htaccess file in the document root) where the friend.episode13.org subdomain points to, add:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^friend\.episode13\.org$ [NC]
RewriteRule ^/?(.*)$ http://episode13.org/friend/$1 [L,R=301]

Resources