Force HTTPS using .htaccess – stuck in redirect loop

9 Views

My WordPress website is located at example.com/wordpress and I need everything inside to be accessible only using SSL.

I’ve created a .htaccess rule that redirects http -> https:

Read More
RewriteEngine On
RewriteRule ^/?(.*) https://%{SERVER_NAME}/wordpress/directory/$1 [R,L]

After implementing this rule the website is inaccessible as it is stuck in a redirect loop.

What am I doing wrong?

My WordPress .htaccess: 

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /wordpress/directory/
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /wordpress/directory/index.php [L]
</IfModule>
Post Views: 9

Related posts

Leave a Reply

5 comments

  1. This is a late answer but this works for me:

    Change the RewriteCond to this

    RewriteCond %{HTTP:X-Forwarded-Proto} !https

    Should be like this:

    RewriteEngine On 
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://yourdomain.com/$1 [R,L]

  2. Without being an htaccess expert, I’d say you’re missing a RewriteCond – A condition.

    Check if it’s on port 80. Try this: 

    RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^/?(.*) https://%{SERVER_NAME}/wordpress/directory/$1 [R,L]

    UPDATE:

    After seeing your updated question, with the full .htaccess – I’d do this:

    <IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /wordpress/directory/
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /wordpress/directory/index.php [L]

RewriteCond %{HTTPS} off
RewriteRule ^/?(.*) https://%{SERVER_NAME}/wordpress/directory/$1 [R,L]
</IfModule>

    Having your condition and rule underneath WordPress’ standards. 

  4. RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

    or for just a single page

    RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} directory
RewriteRule ^(.*)$ https://www.example.com/directory/$1 [R,L]

    or you can add this php to a particular file

    if (!isset($_SERVER['HTTPS']) || !$_SERVER['HTTPS']) { // if request is not secure, redirect to secure url
$url = 'https://' . $_SERVER['HTTP_HOST']
. $_SERVER['REQUEST_URI'];

header('Location: ' . $url);
exit;
}

    or combine the wordpress rewrite rules with the SSL ones..

    RewriteRule ^(.*)$ https://www.example.com/directory/index.php[R,L]

  5. Web sites behind load balancers or reverse proxies that support HTTP_X_FORWARDED_PROTO can be fixed by adding the following code to the wp-config.php file, above the require_once call:

    if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
    $_SERVER['HTTPS'] = 'on';

    or by using a plugin

    Add into WordPress plugins folder on your website, then activate it in the Plugins admin

    <? /* Plugin Name: Set headers */
if (stripos(get_option('siteurl'), 'https://') === 0) {
    $_SERVER['HTTPS'] = 'on';
    // add JavaScript detection of page protocol, and pray!
    add_action('wp_print_scripts', 'force_ssl_url_scheme_script');
}
function force_ssl_url_scheme_script() {
    ?>
    <script>
    if (document.location.protocol != "https:") {
        document.location = document.URL.replace(/^http:/i, "https:");
    }
    </script>
    <?php
}

    Source

    It is working like

    • http://www.exmaple.com/blog/ to https://www.exmaple.com/blog/
    • http://www.exmaple.com/ to https://www.exmaple.com/