I am having some issues with multiple wordpress installations and .htaccess rewrite rules, mainly for forcing https but also removing www. from any domain.
Domains/Subdomains:
- WordPress 1:
examplewebsite.com(/home/hostingacc/public_html/) - WordPress 2:
test.examplewebsite.com(/home/hostingacc/public_html/test/) - WordPress 3:
moretests.examplewebsite.com(/home/hostingacc/public_html/moretests)
.htaccess Rewrites
I’ve tried to use several rewrite rules that I’ve found across the internet, not sure what one is the best one to use but below are the main rewrite rules that I used
RewriteEngine On
RewriteCond %{HTTP_HOST}#%{HTTPS}s ^www.([^#]+)#(?:off|on(s)) [NC]
RewriteRule ^ http%2://%1%{REQUEST_URI} [R=301,L]
That I got from https://github.com/h5bp/server-configs-apache/issues/48 but as previously mentioned, one of these may be better suited to be FORCING HTTPS and FORCEFULLY REMOVING WWW
RewriteEngine On
RewriteCond %{SERVER_PORT} 80 [OR]
RewriteCond %{HTTP_HOST} ^www.examplewebsite.com
RewriteRule ^(.*)$ https://examplewebsite.com/$1 [L,R=301]
or
RewriteEngine On
RewriteCond %{HTTPS} !=on [OR]
RewriteCond %{HTTP_HOST} !^examplewebsite.com$ [NC]
RewriteRule ^ https://examplewebsite.com%{REQUEST_URI} [R=301,L]
or
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTP_HOST} ^www*.(.*examplewebsite.com)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
or
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www*.(.*examplewebsite.com)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
All of the above rules, seem to work in regards to forcing https and removing www on the main wordpress installation but the rules do not currently apply to subdomains or /wp-admin/ subdirectories for each of the wordpress installations, I assume that is because there is a .htaccess file in each of those directories.
Issue Recap
-
examplewebsite.com (main website) is correctly being forced to always uses https and is also being forced to remove www. BUT… the problem is located on examplewebsite.com/wp-admin/ which still correctly forces https (either by the rule or via the wp-config.php force admin ssl but it doesn’t forcefully remove the www. for some reason, I guess it’s because I have the following .htaccess file located under the /wp-admin/ folder so it looks like I need a rule for the htaccess in this folder to forcefully remove www. and to also force https.
-
test.examplewebsite.com and moretests.examplewebsite.com (subdomains) both have an issue where it is NOT forcing https and it is also NOT forcefully removing www.
-
test.examplewebsite.com and moretests.examplewebsite.com (subdomains) both also have the same issue as the first /wp-admin/ does not forcefully remove the www.
-
If I go into the settings or SQL for my subdomains or even edit the wp-config.php to override the SQL and change the site url and home url to have https and not to have www. (the https causes this issue) then the wordpress installations become inacessable, they vanish and visiting the links to the subdomains redirects/loads the main website instead
Configurations
- examplewebsite.com – Current .htaccess files
Home: http://pastebin.com/raw/9RNuQZS5
WP Admin: http://pastebin.com/raw/8vVnDTRx
- examplewebsite.com – SQL Variables
Site URL (Home): https://www.examplewebsite.com
WordPress URL: https://www.examplewebsite.com
- examplewebsite.com – WP Config (Overrides SQL)
Config:
define('FORCE_SSL_ADMIN', true);
define('FORCE_SSL_LOGIN', true);
define('WP_HOME','https://examplewebsite.com');
define('WP_SITEURL','https://examplewebsite.com');
define('DOMAIN_CURRENT_SITE', 'examplewebsite.com' );
define('COOKIE_DOMAIN', 'examplewebsite.com' );
define('ADMIN_COOKIE_PATH', '/wp-admin/');
- test.examplewebsite.com and moretests.examplewebsite.com
The subdomains are all setup as below, however the wp-config isn’t applied at the moment because the forced https is causing issue 4.
The .htaccess files are 99% identical to the ones on the main domain/site with the sole exception of that there is no custom code wp rewrite loop rules (redirect from www to non-www and redirect http to https)
- test.examplewebsite.com and moretests.examplewebsite.com – SQL Variables
Site URL (Home): http://test.examplewebsite.com
WordPress URL: http://test.examplewebsite.com
- test.examplewebsite.com and moretests.examplewebsite.com – WP Config (Overrides SQL)
Config:
define('FORCE_SSL_ADMIN', true);
define('FORCE_SSL_LOGIN', true);
define('WP_HOME','https://test.examplewebsite.com');
define('WP_SITEURL','https://test.examplewebsite.com');
define('DOMAIN_CURRENT_SITE', 'test.examplewebsite.com' );
define('COOKIE_DOMAIN', 'test.examplewebsite.com' );
define('ADMIN_COOKIE_PATH', '/wp-admin/');
Setting the above, causes the same issue as the SQL change (issue 4)
steps to check(I just illustrate for one site):
address of your site
of your site
site
add the follow as the start of your CUSTOM CODE WP REWRITE LOOP
START in your root .htaccess:
the above is to ensure redirect all non-ssl access to ssl access
while rename all non-ssl access to site to examplewebsite.com, now
you should be redirected to https://examplewebsite.com if you type
http://www.examplewebsite.com or http://examplewebsite.com in the
browser
the last part is have your wp-config.php file to include the
following:
this part is to ensure even the ssl access to your
http://www.examplewebsite.com gets rewrited to examplewebsite.com by
wordpress
because you have full site enabled as ssl access only, so the following is not necessary in your wp-config.php file: