I am using W3 Total Cache on Wordpress with Amazon Cloudfront as my CDN. But when I run my site through the Pingdom Website Speed Test, it still says I need to 'Leverage browser caching' and 'Serve static content from a cookieless domain'. I noticed that the links affected are my cdn.domain.com links so I'm wondering if it's possible to leverage browser cache on my subdomain and set it to be cookieless?
1) The problem is that Wordpress doesn't send cache info at user uploaded files, also W3 Total Cache doesn't fix this.
Here some example how to fix this: http://www.askapache.com/hacking/speed-site-caching-cache-control.html
2) To avoid that the browser send cookies to your cdn subdomain you have to be sure that site is launched at www.yourdomain.com and not yourdomain.com. Redirect the visitor to www.yourdomain.com when the visitor entered only the domain name. You can edit the .htaccess file in the root of your site, see:
http://dense13.com/blog/2008/02/27/redirecting-non-www-to-www-with-htaccess/
Related
The browser says a client-managed site is insecure. If I check in Firefox > Media, I can see no files delivered over http://.
If I check https://www.whynopadlock.com/results/11d3f0c2-a944-43c0-922a-92a0cbe7b5c2 it says there are 3 image files delivered over http://
http://www.vivescoal.com.au/wp-content/uploads/2017/06/logo.png
http://www.vivescoal.com.au/wp-content/themes/balance/images/button_icon.png
http://www.vivescoal.com.au/wp-content/themes/balance/images/dark_backgrounds/background9.jpg
I can't find these URLs in the database, nor in the parent theme or child theme.
Help appreciated to see where in the site these files are being called.
Since I cannot add images to comment, I'm adding it here. This is what I see is happening:
The image is called from a different domain, then redirected with a 301 to the non-https version. There is either something wrong in the litespeed configuration or the webserver configuration of that domain. It should not be redirecting https to http.
Used Dreamhost’s free Let’s Encrypt on my website. Now when I try to reach my Wordpress site I receive, Page not working - redirected you too many times. Domain and site are hosted on Dreamhost.
I used Let’s encrypt on my root domain on an empty Wordpress site and it worked. I made a subdomain off the main one, built out the content on the Wordpress site then tried to encrypt it and that’s when I can’t access it.
This happens when the database URLs are being forced to use either WWW or non-WWW. And what the SSL does is add HTTPS and remove WWW, so it creates a loop.
https://help.dreamhost.com/hc/en-us/articles/360003304711-Changing-all-URLs-in-your-WordPress-database
I have a simple WP blog that doesn't need https.
My host was offering a free SSL certificate so I took that up.
It's only after that I read that turning a site to https is like having a brand new site and therefore starting SEO all over again.
I've recently moved host and had to use the backups I made to move the content across. I've found out all the internal links on the site are https, probably because the site was secured at the time of making the backup. Unfortunately the browser says my https pages are not secured despite an SSL certificate that seems installed.
Rather than resolving that, I think I will benefit more by turning my site back to http. All my backlinks over the years point to http. So how do I convert all internal links that point to https pages back to http?
All the resources I find online are to turn http to https.
Database
You need to change the site and home urls in the database table wp_options to the url without https.
Links
Then use a plugin to change the media links and anything using your https url to the http url, I recommend Velvet Blues here wordpress.org/plugins/velvet-blues-update-urls
Redirection
You also need to redirect all your https urls to the http one, you can use this plugin wordpress.org/plugins/redirection. As Google and other search engines have indexed https for your site.
Permalinks
You can also try update your permalinks in General > Permalinks and just resave it.
Here is the existing configuration of my site:
I have a CNAME record www to example.com in Cloudflare DNS settings.
Nothing in .htaccess of the original host server.
WordPress site has its Website and Home address set to http://example.com
I don't have a clear understanding of what Cloudflare does and how it integrates with WordPress. However, I would like to achieve this without making any changes in WordPress. What DNS and Page Rules combo should I configure in order to serve all the URLs ONLY over https without www?
Based on this answer here, I tried changing my DNS settings but it didn't work. And I can't get my head around Cloudflare Page Rules.
In order to accomplish this you should create two Page Rules. One that redirects all traffic to https, and another that directs all www traffic to the root domain.
You can find directions for these Page Rules on this KB article (they are the first two). Or there is a video tutorial as well. If you are already maxed out on Page Rules there is also an option now to purchase additional rules without changing plans.
(I'm from Cloudflare)
Just have a question :)
I have a WordPress site with domainname "site.com". It is on its own server.
On another server I have an admin site located on the subdomain "admin.site.com", and a booking site on "booking.site.com" - they are not i WordPress.
Now my WordPress site gets hijacked, and all browser shows a warning, and I'm removed from Google. But it is not only site.com which is closed, but all my subdomains. Why? And is there a way to separate, so the subdomains not will be close if my WordPress site gets hijacked again?
By close, do you mean removed from Google or non-functional in general?
Google doesn't have a lot of forgiveness when it comes to site issues, so afaik it will block the subdomains if the main domain gets compromised.
If your other sites aren't functional, you might want to check your site.com's htaccess file.