HTTPS version not detected with www version of URL

  • Resolved ginmi

    (@ginmi)


    7 years, 7 months ago

    I migrated one of my sites to HTTPS using your plugin.
    I am using the Let’s Encrypt certificates.

    When my website was on HTTP, I’ve had both the www and non-www versions setup in the search console with the NON-www version set as the preferred version.

    When people entered my site URL with www, the non-www version came up without any issues.

    After I migrated to HTTPS, I again registered both the www and non-www version in the search console and set up the NON-www version as the preferred version.

    The non-www version works perfectly fine without any issues but when people enter the URL WITH www, they are NOT being redirected to the non-www version and instead get an error message that the SSL certificate is invalid.

    Any idea what’s causing this and how it can be fixed? Is it an issue with the redirects created by your plugin or is it something with the certificate itself and I need to discuss this with my host?

Viewing 11 replies - 1 through 11 (of 11 total)
  • Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    Apparently you have an SSL certificate that is not valid for the www domain.

    On SSL this will work only if the www domain is never loaded. I think in your case, WordPress is doing the redirect from www to non-www. This means that the site will need to be loaded over https://www first, which is not possible as you don’t have a certificate for www.

    To fix it you can add a redirect to the https://domain.com which bypasses the redirect to non www in WordPress.
    https://really-simple-ssl.com/knowledge-base/redirect-non-www-to-www-domains-in-htaccess/

    Thread Starter ginmi

    (@ginmi)

    Thanks so much for your quick reply Rogier and for providing the code snippet.

    I’ve added the code to my .htaccess file but the issue seem to persist.

    Here is the full code snippet that applies to really simple SSL I currently have in my .htaccess file:

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.11]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

    Does that look alright to you for redirecting the WWW URL (which doesn’t have SSL) to the non-WWW address (which does have SSL)?

    If everything is correct, maybe there is something else in the .htaccess file which causes a conflict.

    I’m happy to post my full .htaccess file here if you like (with some obvious omissions for security reasons)

    Not to sure if that’s relevant but here is another piece of information regarding my setup:
    The site in-question is located on a sub-folder of my hosting account (which is managed through cPanel).
    The site on the root public_html folder does NOT currently run on HTTPS (even though it has a Let’s Encrypt certificate installed as well) and does NOT have your plugin installed.

    Is it possible the .htaccess file of the site in the root folder creates a conflict with the .htaccess file of the site in question?

    Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    This snippet means you’re only redirecting https://www urls to your primary domain, while you want https://www and https://domain urls to redirect as well. I would leave the Really Simple SSL redirect as it is, and add a new one on top, which doesn’t have the https condition

    RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

    This way, all www urls get redirected to non www https. All non https url’s get redirected to their https counterpart.

    As for your subfolder setup, you might want to exclude the root domain from the redirect in that case:
    https://really-simple-ssl.com/knowledge-base/preventing-subdomains-add-domains-getting-forced-https/

    It sometimes helps to make a list of possible types of urls, and what should happen with it. (https://www, https://www, https://domain1.com, etc.)

    Thread Starter ginmi

    (@ginmi)

    Thanks again for the amazing support mate!

    I did what you said and my https://WWW.mydomain.com is now redirecting successfully to https://mydomain.com

    I did notice however that if I type manually https://WWW.mydomain.com (so www version WITH SSL), I don’t get redirected to the non-www HTTPS version and instead get an error message:

    ERR_SSL_PROTOCOL_ERROR

    This is a minor bug and I can probably live with it (as not many people will enter a URL manually and start it with HTTPS instead of HTTP) but would be nice to squash that little bug as well if it’s an easy fix.

    For reference, here is the current (amended) code snippet I have in my .htaccess file for that domain:

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.11]
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

    Anything I can add here to fix that (minor) issue?

    Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    The redirect looks good.

    Just to make sure Really Simple SSL does not rewrite your redirects, I would move the custom part outside the comments, or you need to enable “stop editing the htaccess”. 

    #redirect all www requests to non-www. 
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
</IfModule>

# BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.11]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL
    Thread Starter ginmi

    (@ginmi)

    Done!

    Anything I can do to make sure https://WWW.mydomain (WITH WWW) redirects properly to https://mydomain (WITHOUT WWW) instead of generating an SSL certificate error?

    Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    The code you are using should do that already, I wouldn’t know why it doesn’t work for you. Maybe you can search for other ways to redirect to non www, to see if an alternative works better.

    You might need to put it in your root .htaccess. It could have something to do with your root / subfolder setup.

    Thread Starter ginmi

    (@ginmi)

    Hi Rogier,

    The following code snippet I added to my .htaccess file as per your instructions started generating an error 500 today.

    #redirect all www requests to non-www. 
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
</IfModule>

    That was happening for both the add-on domain where this code was added as well as for the website on the primary domain (root of the public_html folder).

    Everything was fine yesterday but today I couldn’t load the sites. I renamed the .htaccess file and both sites went back to normal.

    Could it have to do with the update to WordPress 4.7.4 which was rolled out today?

    Can you please double check the code to make sure there are no errors?

    For reference, this is the main code snippet for really simple SSL which appears right underneath the code snippet give above (and which do not seem to be causing any issues):

    # BEGIN rlrssslReallySimpleSSL
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL
    Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    I don’t think the wp update has anything to do with it. I tested the www to non www redirect, and it works find on my testserver.

    Maybe something else was changed in your .htaccess?

    Thread Starter ginmi

    (@ginmi)

    Nope. That was definitely the only change.

    I checked older .htaccess versions from backups as well as through a version control tool.

    Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    I would check with your hosting company if something else has changed on the server.

    If the .htaccess file has not changed, the cause is probably a changed server configuration.

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘HTTPS version not detected with www version of URL’ is closed to new replies.