1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 1:07 pm May 1, 2026

Forum Moderators: phranque

Message Too Old, No Replies

Wordpress 4.1: force http into https with .htaccess

         

AirportTransfers

11:34 pm on Jan 16, 2015 (gmt 0)

10+ Year Member



I would like to force https with correct Comodo Certificate, in the website www.example.com form .htaccess (and not only from php).
My webserver suggest to use these row to force HTTPS for an entire site : 

RewriteEngine On
RewriteCond %{ENV:SECURE_REDIRECT} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}


I tryed to do it adding these 2 lines in the .htaccess file. But then I receive error.

Using instead this code: 
# WP REWRITE LOOP START
RewriteEngine On
RewriteBase /
RewriteCond %{ENV:SECURE_REDIRECT} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteRule ^index\.php$ - [L]


Going to the website with chrome, Opera and Firefox it answer this error:
Found The document has moved -http://www.example.com
and going there with Internet Explorer , it answer:
This page can’t be displayed
Make sure the web address http://www.example.com is correct.
Look for the page with your search engine.


Using this code instead: 
# WP REWRITE LOOP START
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} !=on
RewriteCond %{SERVER_PORT} ^80
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
RewriteRule ^index\.php$ - [L]


I receive error too.

[edited by: phranque at 5:51 am (utc) on Jan 17, 2015]
[edit reason] Please Use example.com [webmasterworld.com] [/edit]

phranque

6:04 am on Jan 17, 2015 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



welcome to WebmasterWorld, AirportTransfers!


did you clear your browsers' cache before testing each change in your server responses? 

RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Found The document has moved...

specifying the full protocol and hostname will invoke the [R] flag which defaults to a 302 (Found) status code.
you want to specify a 301 (Moved Permanently) here.
i would suggest specifying the canonical hostname as well: 

RewriteEngine On
RewriteCond %{SERVER_PORT} !=80
RewriteRule (.*) https://www.example.com/$1 [R=301,L]

not2easy

7:07 am on Jan 17, 2015 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



The default WP block of htaccess should not be used for these redirects, it can be overwritten with a WP core update. Try adding the code your host gave you before the WP block of htaccess.

If the WP install is in your root directory, you will need to specify its "new" https: URL in WP Settings or else WP will write non-https: URLs for your pages.

If you want the WP pages served as https: from a different folder, that change needs to be done in the Settings in order to alter the sql info.

lammert

8:03 am on Jan 17, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



This page can’t be displayed
Make sure the web address http://www.example.com is correct.

Hmmm, did it say http://www.example.com or https://www.example.com? Because I would expect there to be https, not http if your rewrite rules work correctly.

Did you install your SSL certificate and is the server listening on port 443 instead of port 80? It can be that your rewrite rules are correct, but that the server is simply not accepting connections on port 443.

AirportTransfers

9:07 am on Jan 18, 2015 (gmt 0)

10+ Year Member



Both https and http pages are giving always the same errors, yes I was clearing cache and cookies too.
SSL certificate is perfect because the website is correctly working now with https trough php, the website not work if forced to httpS from .htaccess only.
This time I used this code:
RewriteEngine On
RewriteBase /
RewriteCond %{SERVER_PORT} !=80
RewriteRule (.*) [example.com...] [R=301,L]

This code don't give errors, but if I go to the url of an image with HTTP:
http://www.example.com/wp-content/uploads/2014/12/example-logo.png
then it not force HTTPS..

[edited by: phranque at 9:21 pm (utc) on Jan 18, 2015]
[edit reason] exemplified URLs [/edit]

lammert

9:45 am on Jan 18, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Both the site and image give the following return code when checked with the WebmasterWorld header checker [freetools.webmasterworld.com]:

HTTP/1.1 403 Forbidden

This makes it difficult to check what precisely is going on.

not2easy

3:32 pm on Jan 18, 2015 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



WordPress generates URLs based on its internal settings. If the settings do not specify https: it will generate http: URLs. Internal file requests made within WP are not affected by the .htaccess file outside of the WP block of code.

lucy24

8:36 pm on Jan 18, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



If the settings do not specify https: it will generate http: URLs.

... meaning that if you put an https redirect in your htaccess before the WP stuff, then suddenly all your internal links will point straight to a redirect? Eeuw. Can't WP be instructed not to specify protocol-and-domain in internal links?

not2easy

9:56 pm on Jan 18, 2015 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



There is a setting made during install that tells WP what the entire URL for the domain is, if you put the wrong information there, WP obeys anyway. When you make root level domain URL changes, it needs to be reset so WP knows what you want it to do.

AirportTransfers

10:19 pm on Jan 18, 2015 (gmt 0)

10+ Year Member



In wp-admin/options-general.php General Settings, both url:
"WordPress Address (URL)" and "Site Address (URL)" are in https, now and in all the tests. Sorry if I was not explaining that.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 1:07 pm May 1, 2026