HTTP is a default protocol, which is used by most websites to handle the information over the web. Your website is running on HTTPS without any error message, it means your certificate has been installed correctly. You should migrate your entire website from HTTP to HTTPS. Learn how to move HTTP to HTTPS for WordPress
Thanks for responding. Yes, I have read that article, it seems to be written for single installs whereas I am running a Multisite with domain mapping. Following the advice of the article I was able to update the ‘Home’ and ‘SiteUrl’ with the HTTPS protocol but since the WordPress MU Domain Mapping plugin doesn’t seem to accommodate HTTPS the sites are still defaulting to HTTP. What I need is for the sites to automatically load as HTTPS. Also, can’t seem to get the dashboard to work for the site when HTTPS is loaded. The dashboard will only open if the site is HTTP.
Spent some time going through a great article by Ipstenu: http://halfelf.org/2014/mapping-domains-without-plugin/ but can’t seem to get this to work. When I uninstall the mapping plugin and try to operate the mapping this way it isn’t working at all, everything just redirects to my root install.
Also spent some time on another great article by Ipstenu: http://halfelf.org/2014/ssl-for-one-domain-on-multisite/ but the HTTPS plugin doesn’t seem to be working, maybe it is outdated?
Anyone else been able to get HTTPS to work for specific domains in a WordPress multisite?
If you want one or more of your sites to be all https, just use the .htaccess rule that Mika gives as an example:
RewriteCond %{HTTP_HOST} ^store\.halfelf\.org
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*)$ https://store.halfelf.org/$1 [R,L]
The rules looks at a specific hostname, if the traffic is not https, then it redirects the user/browser to https.
Okay, I tried adding the htaccess rule but now it just redirects to my root install.
I think there may be an issue because my wordpress MU installation is in a subdirectory folder (as described here)
Is this what the htaccess should look like? (“subfolder” being the folder that the WP MU is installed in)
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /subfolder/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /subfolder/index.php [L]
RewriteCond %{HTTP_HOST} ^mysitedomain\.com
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*)$ https://www.mysitedomain.com/$1 [R,L]
</IfModule>
This is the htaccess code I am currently using and it is redirecting to my base wp site. I’ve tried various htaccess modifications but can’t get anything to work.
2nd problem: still can’t access the wp-admin with the https protocol. I have to manually remove “https” from the address bar to get wp-admin to work.
First, put the https rules in the front before the WP rules. Also the rule you added only works on http://mysitedomain.com, it wont work if someone tried http://www.mysitedomain.com
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^mysitedomain\.com
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*)$ https://www.mysitedomain.com/$1 [R,L]
RewriteBase /subfolder/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /subfolder/index.php [L]
</IfModule>
Second, you have to modify WP to use https. I believe the home and siteurl should contain ‘https’. In my configuration, we use this setting in wp-config.php to force https:
define('FORCE_SSL_ADMIN', true);
Getting much closer, thanks! I updated the htaccess code per your suggestion (can’t believe all I had to do was move the https to before the rest, duh!). Now I’m not getting the redirect to my base site, but I’m still not getting a redirect to https. Here is what my htaccess looks like:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^mysitedomain\.com
RewriteCond %{HTTP_HOST} ^www\.mysitedomain\.com
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*)$ https://www.mysitedomain.com/$1 [R,L]
RewriteBase /subfolder/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /subfolder/index.php [L]
</IfModule>
And here is the multisite section of my wp-config:
/* Multisite */
define('MULTISITE', true);
define('SUBDOMAIN_INSTALL', false);
define('DOMAIN_CURRENT_SITE', 'www.basesitedomain.com');
define('PATH_CURRENT_SITE', '/');
define('SITE_ID_CURRENT_SITE', 1);
define('BLOG_ID_CURRENT_SITE', 1);
define('FORCE_SSL_ADMIN', true);
define( 'SUNRISE', 'on' );
I cleared cookies, added the define('FORCE_SSL_ADMIN', true); and I’m still not getting a redirect to https. What am I missing?
Does the htaccess code go in the file in my wp directory or in my root directory?
Is this even possible with the WordPress MU Domain Mapping plugin? When I uninstall the plugin and try the suggestions here I get a “could not establish database connection” error.
The WP MU Domain Mapping plugin doesn’t seem to allow adding domains with the https protocol, can’t find anything about this in my searching online.
Your https rules are not correct, what you have will never work. It says if hostname is ‘www.sitedomain.com’ AND hostname is ‘sitedomain.com’ then [rest of rules]. There are different ways to do it, but using your syntax, just add the [OR] to the first statement
RewriteCond %{HTTP_HOST} ^mysitedomain\.com [OR]
RewriteCond %{HTTP_HOST} ^www\.mysitedomain\.com
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*)$ https://www.mysitedomain.com/$1 [R,L]
I just redirect all www to non www at the top (remember to put those rules ABOVE the WP ones. WP rules are always at the bottom)
http://halfelf.org/2014/ssl-for-one-domain-on-multisite/
That’s the post where I explain how I did SSL for one domain. Repeat ad nasuem for multiple certs. ipstenu.org, halfelf.org, store.halfelf.org and elfshot.org ALL have separate certs.
Everything is working now. When I updated to WP 4.2 I decided to try dropping the WordPress MU Domain Mapping plugin and follow the suggestions here. Worked like a charm.
As far as getting the https to work, you were exactly right. I adjusted the htaccess rules per your suggestions and placed them in the root directory, not the htaccess file inside the subdirectory that wp is installed in. This makes sense now that I think about it, the redirects need to be at the very top before it is “too late” to redirect, which is why I was getting such strange behavior by having the redirect commands in the wrong place.
Thank you for the help!
Hei Blindsquirrel.
Hows life
Glad your issue was solved…
Did you have to get seperate certs. for all your subdomains as Ipstenu did? Or a multi domain cert.?
And Is it all still working well?
Im looking to start the same madness and just wanted to ask if you could help me out by explaining the process above. Maybe blog about it? I bet many many need this. I just cant find a concise article which gives a perfect step by step instructions. Would apreciate the assistance π
Have a nice day π
Best Regards,
Levent (From Oslo, Norway)
