Mobile app version of vmapp.org
Login or Join
Berumen354

: HTTP to HTTPS redirect: How not to create an infinite loop I have a WordPress install on a subdomain: https://blog.example.com To enforce SSL I have the following redirects in my .htaccess: <IfModule

@Berumen354

Posted in: #Htaccess #ModRewrite #Wordpress

I have a WordPress install on a subdomain: blog.example.com
To enforce SSL I have the following redirects in my .htaccess:

<IfModule mod_rewrite.c>
RewriteEngine On

# BEGIN FORCE HTTPS
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) %{HTTP_HOST}/ [R=301]
# END FORCE HTTPS

# BEGIN WordPress
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

</IfModule>


This used to work until a while ago. Now, when calling blog.example.com, I get:


Moved Permanently

The document has moved here.

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.


The word "here" in line 2 links to blog.example.com.
What's wrong with the .htaccess?

I checked the WordPress settings and they are not the problem: The site URL is correctly set to blog.example.com.

10.03% popularity Vote Up Vote Down


Login to follow query

More posts by @Berumen354

3 Comments

Sorted by latest first Latest Oldest Best

 

@Ann8826881

This is really additional information since you appear to already have found your solution, but anyway...


RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) %{HTTP_HOST}/ [R=301]



I don't think this would ever have worked as intended since you are missing the L (last) flag on the RewriteRule. If this appeared to be "working" before then I would guess WordPress itself was actually issuing the appropriate redirect?

Since the L flag is omitted here, the rewrite engine would have continued on to your front controller and internally rewritten the URL to index.php. Unless WordPress was stepping in, this would have resulted in a 301 status code being returned to the client, but without a Location HTTP response header (required for the external redirect). This could have been potentially damaging for SEO.

However, by itself, this does not explain the redirect loop. That is possibly because of a change in the SSL implementation on your server, which your answer suggests.

10% popularity Vote Up Vote Down


 

@Barnes591

Since you are using WordPress, you could always change the wp_options table's first two entries to your https domain.

Another way to achieve this is to add Site Home and WP Home in the wp-config.php file. Here is the link to the relevant codex.

10% popularity Vote Up Vote Down


 

@Angela700

I was able to resolve it by changing the .htaccess like so:

<IfModule mod_rewrite.c>
RewriteEngine On

# BEGIN FORCE HTTPS
RewriteCond %{HTTPS} !=on
RewriteCond %{ENV:HTTPS} !=on
RewriteRule .* %{SERVER_NAME}%{REQUEST_URI} [R=301,L]*
# END FORCE HTTPS

# BEGIN WordPress
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

</IfModule>

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme