Customers and myself unable to login

Hello, GunnyRet, & welcome. When I right-click the login link on your site in order to see where it’s bgoing, I get:
https://neovets.org/wp-login.php?redirect_to=https%3A%2F%2Fneovets.org%2F

So something is causing your login link to redirect incorrectly. I guess my first question is, is this a multisite configuration? My 2nd is, can we please see your .htaccess file, if you have one? My 3rd is, what sort of plugins might you be running that could redirect your login?

Thanks for providing us the url, BTW. It makes it *so* much easier for us to return information in a timely manner.

@abletec (Jackie),

Sorry for my slow reply. I was on the road most of the day today.
I maintain all my sites separately; not multi-site.

I noticed the redirect link appearance you cited too. I have (or, rather had) these various relative plugins in each of my sites:
Really Simple SSL
Wordfence
All In One WordPress Security

There are other plugins of course. I have GoDaddy and cPanel, and have gone into each domain and deactivated some or all of the plugins. I’ve tried to delete and “refresh” the .htaccess file through the permalinks. But, all these issues persist.

I went into the root folder for this specific site https://neovets.org, and deleted all .htaccess files. I had renamed, and had a few different copies.

I updated the permalink structure and have coped/pasted the current .htaccess file below
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

Please let me know what you encounter now.

Thank you again for your help.

Gunny

I receive a login screen, Gunny. I suspect that’s what you wanted/needed, so that seems to have resolved the problem.

Hope I was of some help to you, & it was a pleasure in any case. Be safe out there. Unless you have a compelling reason to do so, I’m not entirely sure you need both those security plugins. I think one’s sufficient, as they perform fairly similar functions. The other thing is, you may wish to consider changing your site address in the General Settings portion of your dashboard to https://www.neovets.org. You may also wish to redirect all traffic to the secured site via your .htaccess file. Let us know if you would like help w/that, even though strictly speaking, it’s not entirely a WordPress issue. As it is now, if I type https://www.neovets.org, I receive a warning that the connection is not secure, & I don’t think that’s what you really want. Most visitors, in fact, would reflexively type it in like that, I think, & when they get that sort of warning, it may well tend to scare them off. Just trying to help a little more before letting you ride off into the sunset, since the problem you presented with appeared to be fairly readily resolved. Please remember to reply & mark the topic resolved if that is indeed the case so the volunteers here will know you’ve been helped & can go on to help others who are still having difficulties. Thank you.

Kudos to you on the work you’re doing. Have a great rest of your day.

Jackie,

Thank you for the kind assistance. I run 4 other sites and have them all set up in general settings as: https://site.org or .com. Although, I am still learning WP. I think part of my problem was that I had multiple copies of the .htacess file with different names adaptations that were causing the highly unusual behaviors. Something you said made me think to go delete all instances and reset the permalink structure. I have been so absorbed with this I forgot this simple fix.

I recently received some guidance from GoDaddy on redirecting to the SSL site. I will try to inject that Rx into the .htacess file. I can see what you mean about others “instinctively entering “…www.neovets.org. That makes sense. I truly appreciate your help.

I have multiple sites in GoDaddy cPanel, but NOT in a multisite WordPress setup.
Here is the updated .htaccess file code. https://gunnyret.com is my primary account where the UCC SSL resides. It covers my five websites. I have added these characters above and below the .htaccess file to help separate it from the rest of this dialogue. “///”

////////////////////////////////////////////////////////////////////
# BEGIN GD-SSL
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_USER_AGENT} ^(.+)$
RewriteCond %{SERVER_NAME} ^gunnyret\.com$ [OR]
RewriteCond %{SERVER_NAME} ^www\.gunnyret\.com$
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
Header add Strict-Transport-Security “max-age=300”
</IfModule>
# END GD-SSL
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
///////////////////////////////////////////////////////////////////

I’ll be reaching out to a few of my customers and asking them to text their login access pending your reply.

Thanks for the kind words about ONE of my projects. If you’d like to connect outside of this forum, please find me here: LinkedIn

Sincerely,
Gunny

Hello, Gunny. Here is the error I receive when attempting to connect to https://www.neovets.org.

“The certificate is only valid for the following names:
gunnyret.com, https://www.gunnyret.com, mikebuilds.contractors, neovets.org, summitcountystanddown.org, americanlegionakron.org”.

What it’s saying here is that the www. portions of some of your domains are not included in your certificate. That may or may not be accurate, & it may prove worth investigating if the following is ineffective.

W/all due & extreme respect, that code in your .htaccess file is not the way I would proceed. I do think your first avenue would be to change your url settings from just https:// to https://www. The concept is a bit of a surprise to many, but www. & https:// (or http, for that matter) are different. Using both in the url includes both, if I make myself clear. If that does not work then, you may wish to include the following in your .htaccess file, *without the , which we use in these forums to enclose code.

RewriteEngine On
RewriteCond?%{HTTPS}?!=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] 

I would like to connect. The LinkedIn link was likely redacted, as private contact between forum participants is not encouraged here for fear that some may use this for commercial advantage. I will use one of your websites instead, or feel free to visit the website in my profile.