I’ve spent hours searching and found many similar issues but either their solutions didn’t work or they have no solutions, so here goes:
I’m migrating a site that is running Woocommerce on WordPress – it is working 100% in the current server but it has to be moved. On the new server (Ubuntu 14.04 on Digital Ocean), all pages are working except where ‘ssl’ in concerned. I have a valid cert installed on the server, however the domain on the cert doesn’t match the domain of the site because I haven’t pointed the nameservers to my new server yet. For now, I’m running the site off of the IP address in a subdirectory, like this:
If I disable the Force SSL option in Woocommerce, the Account and Checkout pages work fine. But I need them to use SSL for security.
If I enable ‘Force SSL’ in Woocommerce>Settings>Checkout, the Account and Checkout pages show an Internal Server Error. FWIW, I’ve tried disabled Woocommerce’s Force SSL and using another plugin (like iTheme Security or WordPress HTTPS) and get the same outcome).
Frustratingly, the php and apache logs show nothing for this error (move on this below). I went to the .htaccess file because I’ve learned this is a common source for this error. The .htaccess file is:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /domain.com/
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /domain.com/index.php [L]
</IfModule>
# END WordPress
This looks right, but I had no other avenues to explore so just to experiment, I removed both instances of ‘domain.com/’ (i.e. pretend I’m not working out of a subdirectory).
When I do this, the Account and Checkout pages will load (!) in https, BUT no javascript or CSS files will load because they are all in ‘http’ and this triggers the mixed-content warnings. So even though I can see the content of these pages, they look terrible and are not functional. Lastly, no other pages will work under this new .htaccess file because the server is looking in the wrong directory for them.
I’m completely stumped and I’ve found other people who are similarly stumped with a related question.
I’m sure if I was getting any logging, I would be pointed in the right direction but I’ve followed every thread I can and it really seems like my logging is configured correctly. In /var/log/apache2/error.log I have some misc logs that I think are just related to when I’ve reloaded apache – nothing related to this https error. And my php.ini file has log_error turned on and should be logging to /var/log/php_errors.log (a file that I created) but this file is empty.
Any help is appreciated!
Well, I changed a three things at once and I haven’t been able to isolate which one solved the problem so I’ll list all of them just in case someone else has the same situation.
First, I realized that in my SSL virtual host (/etc/apache2/sites-available/default-ssl.conf), my ServerName was set to the domain that will eventually be the domain instead of the IP address that I am currently using. This was definitely part of the problem but not the whole problem.
Second, I moved my whole site out of the subdirectory and into the root – I’m sure that isn’t necessary but I think it removed one possible source of confusion/issues.
Third, I implemented a fix that I found in some blog or article (that I cannot locate now for the life of me). The fix is in the virtual host that I mentioned above and looks like this (I removed comments and non-pertinent SSL sections at the end):
Make sure the ServerName and DocumentRoot are right. I think this is where the subdirectory was causing problems but, again, I’m not 100% sure.
If I can find the source of that code, I’ll come back and add a credit.