The part that is not within the BEGIN and END WordPress tags appears to be correct, but is likely needlessly complex. It could all likely be replaced with just:
<Files debug.log>
Order allow,deny
Deny from all
</Files>
Changing is optional. If you do try this simplification, keep a backup of what’s currently working (at least not crashing) just in case something goes wrong.
Better yet, configure your site so errors are written to a log file that is above public root. For more on error logs review this section of our support docs. A log file so located eliminates the need for any of that which is currently outside of the begin/end WP tags.
The part within the begin/end WP tags should match that shown under Tools > Network Setup of the site’s network admin area. Yours looks a little different than what I’d expect, but I defer to whatever your site’s setup asks for.
You’ll want to also add rules to redirect HTTP to HTTPS. Also to redirect to your preference of with or without the www. in the URL. The best way to do this varies some by server. I suggest looking in your host’s documentation for how they recommend you best accomplish these redirects.
Mhmh, I thought more that the rewrite rules are responsible for what I am looking to achieve? What you mentioned isn’t that more or less the protection of certain files and folders?
You wanted to clean up your .htaccess file? If the debug log were in a safer location, you wouldn’t need any of what’s currently outside of the WP block.
You’re having trouble with non-www requests which involve folders in the URL. Is this folder an actual server folder, or a “virtual” folder belonging to one of the network sites?
In any case, default redirection form non-www to with-www can be unreliable with some server configurations. For reliable redirection, an explicit directive in .htaccess will solve the problem. For example:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourdomain.com [NC]
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [L,R=301]
</IfModule>
You’ll also want a redirect from plain http to secure https. The best directive for this varies by server. There may be a more preferred way according to your host, but you can try adding this to the above rule set:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]
Thank you so much @bcworkz
Okay, I found out how to http->https needs to be set for my host.
And I learned that QSA preserves the parameters like a folder /credits etc.
So now all is working, except for the root site in my WP multisite
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}/$1 [QSA,R=301,L]
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [QSA,L]
# add a trailing slash to /wp-admin
# RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [QSA,R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [QSA,L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [QSA,L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [QSA,L]
RewriteRule . index.php [QSA,L]
</IfModule>
The root site was working but now it’s not? If you have domain mapped network sites, why do you want equivalent subfolder site requests to work?
You need to have the BEGIN and END WordPress comments around the WP portion so WP knows what part belongs to it and can be altered as needed.
Hello @bcworkz
I’ve WordPress BEGIN and END Tags within my htaccess just did not show them.
The htaccess was never working (and still is not) how I want to have it (if that is possible at all) I think for what I want I will start using URL shortener services instead.
The reason is, that I intended to use specific site pages (permalink links) like for my credits (in German Impressum) or terms, conditions (in German AGB) and user pages mean participants pages (Teilnehmer) to be mentioned at PowerPoint presentations like:
Sensorgrafie.de/Impressum (-> https://www.sensorgrafie.de/impressum)
Sensorgrafie.de/AGB (-> https://www.sensorgrafie.de/agb)
Sensorgrafie.de/Teilnehmer (-> https://www.sensorgrafie.de/teilnehmer)
when I type for example Sensorgrafie.de/Impressum at the browser bar it resolves to https://www.sensorgrafie.de
one of the other domains at my WP is https://joerg.knoerchen.photography as I have to type joerg (instead of www) it works as it would work if I would type https://www.Sensorgrafie.de/Impressum.
So the issue is if a user does not type www it redirects to the www site (which is wanted) but it looses the folder like /Impressum.
Hope that makes sense?
I see. The issue is you’re sort of doing a hybrid subdomain/subfolder network, while we’re meant to only do one or the other. I don’t think it’s an .htaccess issue as much as WP is confused about the request’s intent. It looks like the redirect which drops the folder is coming from WP. The initial redirect from regular http to secure https due to your .htaccess rule is preserving the folder. It’s dropped in the second redirect from non-www to www. There’s no explicit .htaccess rule that does this.
If the last redirect really is from WP, there ought to be a way to correct the redirect so the correct site’s domain is redirected to instead of the main domain’s home page. I don’t know enough about multisite to be sure how this would be accomplished. The ‘pre_get_network_by_path’ filter looks like it might do the job.
The other way to correct this, which should work even if I’m wrong about it being WP, is to add specific folder based redirect rules to get us to the correct domain. For example:
RedirectMatch 302 ^/impressum(.*)$ https://joerg.knoerchen.photography$1
I’m still unclear why you’d want to use a subfolder element to get us to a particular domain. Why not always use the canonical URL to start with? It’s not necessary that I understand your intention, what you want to happen is clear enough regardless.
Well
Sensorgrafie.de/Impressum (-> https://www.sensorgrafie.de/impressum)
Sensorgrafie.de/AGB (-> https://www.sensorgrafie.de/agb)
Sensorgrafie.de/Teilnehmer (-> https://www.sensorgrafie.de/teilnehmer)
are not different sites, they are just pages within the same WP Site.
Oh, I’ve misunderstood, apologies. Do those page names by any chance match a subsite folder name, even if it’s mapped to another domain? Such a page will conflict with subsite requests.
If you are having trouble with non-www requests, you may need an explicit non-www to www rewrite like in my second reply above.
If you have access to your server’s config file(s), .htaccess can be configured to log debug trace output. You can then examine in the access log exactly what happens to a request at every directive. The debug trace can be rather difficult to comprehend, but can be instrumental in diagnosing strange redirect issues. Such access is unlikely, but it’s worth mentioning just in case.
Hello @bcworkz
when I enter https://www.sensorgrafie.de/agb/ at the browser the page AGB is displayed. AGB is the URL title form (permalink) of that page. On the server itself, there is no such subfolder.
How would an explicit non-www to www rewrite look like when I do have 5 or 6 domains with different WP sites in my network install?
As I am on a shared host I can access by FTP and upload and change the htaccess and there is a PHP error log at the admin section of my hoster.
Many thanks again.
You will not be able to alter server configuration on shared hosting. So much for debug trace 🙁
I think something like this will cover any non-www request regardless of domain (untested):
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [L,R=301]
</IfModule>
@bcworkz
Unbelievable I now have this setup
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}/$1 [QSA,R=301,L]
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [QSA,R=301,L]
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [QSA,L]
# add a trailing slash to /wp-admin
# RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [QSA,R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [QSA,L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [QSA,L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [QSA,L]
RewriteRule . index.php [QSA,L]
</IfModule>
# END WordPress
and can’t believe it, it seems finally got to work even giving a permalink means
sensorgrafie.de/agb is perfectly resolving as any other shorts I liked to have too!
Thank you so much you rock!
@bcworkz just one thing 🙁
joerg.knoerchen.photography is now going to redirect
to a
https://www.joerg.knoerchen.photography/
and also
teilnehmer.sensorgrafie.de
to a
https://www.teilnehmer.sensorgrafie.de
either I need to add the www. sub domain and add the domain into WP and also I would need the renew the certificate and include the new subdomains 🙁
or can it be excluded?
With a little research myself I came to this
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}/$1 [QSA,R=301,L]
RewriteEngine On
RewriteCond %{HTTP_HOST} !teilnehmer
RewriteCond %{HTTP_HOST} !joerg
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [QSA,R=301,L]
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [QSA,L]
# add a trailing slash to /wp-admin
# RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [QSA,R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [QSA,L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [QSA,L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [QSA,L]
RewriteRule . index.php [QSA,L]
</IfModule>
# END WordPress
is this okay?
That should be fine as long as those terms don’t occur anywhere else in any future domain name. For example if you registered foo-joerg.com, it wouldn’t redirect to http://www.foo-joerg.com. By adding ^ before it, it means the term must occur first in the host request. And by adding \. (match a dot) behind it means the not-match would either have to be a subdomain or a full domain like joerg.com. Adding these cuts down on some of the ambiguity. If such conditions will never arise anyway, what you have is fine. This is more FYI in explaining what the extra regexp bits that are in !^www\. are about.
