I was wondering if someone could help us out with this one.
We have a site that has lots of insecure links in various pages across the site. Some pages are also including images from http sources and not https.
An example page is here: https://mindfulpresenter.com/mindful-blog/the-10-most-important-things-in-presenting-today/ - on here you will see that there are some links to http pages and the page is sourcing an image from http.
I was hoping that all of these issues can be resolved by making changes to the htaccess file.
The current htaccess file looks like this:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Can the issues be resolved by making changes to the htaccess file? If so, what do I need to add to it?
Many thanks
James
It appears, that the links are in the content of your pages / posts which is stored in the database as text. I recommend doing a search & replace to achieve a "clean" state.
There are some plugins that parse the content and create those links dynamically but i don't think that is the most elegant solution.
There are a lot of plugins that may help you. I use SSL Insecure Content Fixer on my website and it works great.
You can, in fact, modify the contents of the page as it is being served, using mod_substitute: https://httpd.apache.org/docs/current/mod/mod_substitute.html
In particular, you'd do something like:
Substitute s/src="http:/src="https:/i
See the mod_substitute docs for further information and examples.
I found a 'Search and Replace' plugin for WordPress which searched the database and replaced all of the HTTP entries.
Related
Not sure if this is the right section of Stackoverflow to ask my question...
But here it is:
So I am using the below on the .htaccess file:
RewriteEngine On
RewriteRule ^sale?$ /discount-page/
So that when people visit example.com/sale page, they see content from example.com/discount-page/
But when I visit example.com/sale it shows 404 error saying that the URL /discount-page is not available on this server...
Why is it happening?
Here's how my entire .htaccess file looks like:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Can anyone help please?
When using WordPress, you can't simply rewrite the URL in .htaccess to the %postname% (the real URL) since WP still looks at the REQUEST_URI in order to route the URL. Even though you are rewriting /sale to /discount-page/ (the actual URL), WordPress sees /sale (the requested URL) - which doesn't exist inside WP; hence the 404.
Although not your intention, you could change this to an external redirect to get around this problem (which also avoids a potential duplicate content issue). For example:
RewriteRule ^sale$ /discount-page/ [R,L]
(I removed the ? in ^sale?$, as that does look erroneous. Or do you really want to match /sale or /sal?)
Alternatively, you could try rewriting to the underlying "plain" permalink. ie. explicitly pass the %post_id%. This is different to rewriting to the %postname%, since WP shouldn't need to check the REQUEST_URI in order to route the URL. For example:
RewriteRule ^sale$ /index.php?p=123 [L]
Where 123 is the %post_id% of your discount-page. By rewriting directly to index.php, you are effectively bypassing WP's front-controller.
Note that this must go before the standard WordPress directives in .htaccess (aka the front-controller).
However, I still feel there should be a more WordPress-like way of doing this, which is why I initially suggested asking this question over on the WordPress Stack. However, if you do that, don't mention ".htaccess". What you are really creating is a URL alias or something like that. For example: Have two different URLs show the homepage
I've recently relocated a WordPress site to a new host. I followed the instructions from here and things seemed to go ok. However on the old host the installation was inside a sub-folder (news). On the new host I want it in the public_html folder. All files are up, I have made the appropriate changes to the wp_config file, I have edited the .htaccess file and removed any references to the old path, I have even gone into the wp_options table and made the url changes there.
However for some reason whenever I reference the index.php, it tries to point back to the old sub-folder location. I've looked in the wp-settings, wp-load files etc and for the life of me cannot find where the bad path information is.
I've gone to the wordpress.org site and several other sites, any help would be appreciated.
UPDATE: I deleted my wp_config file and the system asked me to setup, so I did. During the setup it recognized that the database was there, etc, and sent me to the login. I was able to login, looked at the settings, etc and they are all as they are supposed to be.
If I go directly to wp-admin or wp-login it lets me log in with no problem. however when I try to go to the site, nothing, however instead of showing the old url, it now shows a blank screen.
Thanks
First of all make sure that your whole database does not contain any references to the old installation otherwise some redirection may be active. For migrating your database nowadays you use the following tool to make sure that also serialized data does not contain any references to the old URL:
https://interconnectit.com/products/search-and-replace-for-wordpress-databases/
Can you reach your backend? If only the frontend does not work its probably a permalink problem update your permalinks by going to Settings -> Permalinks -> Save (Update)
Check your index.php and the index.php file from the main directory and also from the subdirectory if there any redirection is active
Do a search (and replace) for the content of all files within your WordPress installation and check for any possible hardcoded redirection
It MUST be one of those problems.
If still no success debug your WordPress installation step-by-step (with echo "reached"; die;) to find out WHEN the redirection is happening - important points to check:
index.php file
wp-config.php file
Action Hook 'init'
Action Hook 'template_redirect'
This might also be helpful: http://rachievee.com/the-wordpress-hooks-firing-sequence/
Check your .htaccess file.
You probably have something that looks like this(notice the subfolder):
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /subfolder/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /subfolder/index.php [L]
</IfModule>
# END WordPress
When you should actually have something that looks like this:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
First although neither of the two posted answers solved the problem, they both were instrumental in helping me figure out what was wrong, so I voted each of them up.
Since I could log into the admin area, I knew things were pointing to the correct place. But I was still getting a blank page, well it turns out that somehow in the ftp transfer of the backup site to the server, the 'themes' folder didn't make it. Once I uploaded that folder, things are close to being back to normal.
Again, the advice I received helped me tremendously in troubleshooting this sucker. Thanks
I am using the following to prevent unauthorized access to files. (This is an .htaccess question, but may also require familiarity with WP Jetpack)
RewriteRule ^wp-content/uploads/archive/(.*)$ /wp-content/plugins/paid-memberships-pro/services/getfile.php [L]
It redirects request for files through a module that checks to see if the requestor has access.
The problem is that a specific requestor, Wordpress Jetpack is locked out and I want to let them in to generate thumbnail images.
If you are familiar with Wordpress Jetpack, you know it generates image thumbnails such as http://i0.wp.com/www.example.com/wp-content/uploads/archive/2015/10/SH3_2173.jpg
To solve this, I assume I need two pieces of information:
How to identify when Jetpack is the one making the request (perhaps it is identified as coming from the wp.com domain?)
How to exclude a specific entity (e.g. wp.com) from the above RewriteRule
Part 1 is really a WP Jetpack question, and part 2 is an .htaccess question; so not sure the best place to post this, but I felt keeping them together would be helpful for context.
I solved it with this:
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} !Photon.+ [NC]
RewriteRule ^wp-content/uploads/(.*)$ /wp-content/plugins/paid-memberships-pro/services/getfile.php [L]
Im running a WordPress site with qTranslate installed.
The URLS are currently displayed as http://domain.com/en/ but i would like to change them to
http://en.domain.com
How do i make this work? qTranslate has a built-in pre-domain mode, which should do exactly what i need. But all it does is change the links (works), when visiting the page i get a 404 error.
In the admin it says "Pre-Path and Pre-Domain mode will only work with mod_rewrite/pretty permalinks. Additional Configuration is needed for Pre-Domain mode!"
I got pre-path working and i think im using pretty permalinks (/%category%/%postname%/), but ive got no idea what kind of 'additional configuration' is needed.
My .htaccess looks like this (i think standard wp output);
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
I tried a lot of different things found online, but i mostly get internal server errors or just the 404.
Thanks in advance!
If your default url starts with www (like www.domain.com) then your translated urls will look like en.www.domain.com.
But if you try to login en.domain.com, you may think that your plugin doesn't working.
Before try anything be sure that any subdomains shows your WordPress homepage. With default settings WordPress should not redirect to you anywhere.
Then set your default url without www prefix (for ex. domain.com)
And check the permalink finally
If you fail at any steps, disable all plugins and even change your theme to default one.
You'd have to add wildcard domain setting at your DNS settings for the domain. https://codex.wordpress.org/Configuring_Wildcard_Subdomains‎
Wildcard domain redirect with WordPress See also this post.
I'm using Wordpress 3.1.1 and recently reorganized my page (deleted and moved a lot of pages). Now I get 404-errors when accessing some pages (all posts and tags work fine).
I can disable the permalinks and then access all pages without problems. I can also rename the pages (e.g. contact --> contact1) and all links work again for the new names. However, if I rename them back, I get the same 404 error again. It seems like some kind of caching-problem. Any ideas how to fix it? Thanks!
My .htaccess for the root directory:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Try clearing your 'trash' can in Wordpress, annoyingly items in the trash area still use a permalink, and when accessing those links you'd get 404 message.
Also delete your htaccess file (if it has no additional settings in it), and the reset your permalink settings.
Ian.
I finally solved it. I realized, that there were some page names, that produced a server 404 and some, that don't. Then I took a closer look at my directory structure:
I access my blog from the root path (not the worpdrpess-directory which is located in it). So I can enter
www.myurl.com
instead of
www.myurl.com/wordpress
So far, so good. However, I had some files in my root directory, that had the same name as the page I was trying to access.
Eg. if there is a contact.abc (the extension doesn't matter) in the root folder, then getting
www.myurl.com/contact
will produce a 404-error. If I rename the file everything works fine. Hopefully, that will help others as well.