Multisite with Domain Mapping and SSL

  • SchullieRinger

    (@schullieringer)


    11 years ago

    I have seen some posts about using SSL with multisites where the site has a wildcard SSL cert and also posts about using SSL only with the login page and not the rest of the site. But my problem is a little different.

    We have an SSL cert only for our main domain (handbellmusicians.org). But it does not cover any of our subdomains. We are running multisites and have sites for area1.handbellmusicians.org, area2.handbellmusicians.org, etc.

    My htaccess file has the required lines for the WordPress multisite installation (which uses domain mapping, by the way). But when I add the code to rewrite the call to our main site from http to https, it causes all of my area sites to quit working. What seems particularly odd is that I don’t get any sort of error or security warning when going to them. They just all end up redirecting the user to the main handbellmusicians.org front page, rather than the subdomain site.

    We operate on a tight budget and cannot afford separate SSL certs for each subdomain or even a wildcard cert. And it is not really necessary to have the subdomains secure. The main site needs to be secure as it has member logins on the top of the pages. And we need this to be secure to pass a compliance scan.

    Following is the contents of my htaccess file as it stands right now. Then I will post the lines I’m trying to add for the rewrite to https.

    Is there anyway to get only calls to the main site to use https, yet still get the subdomain sites to show up.

    EXISTING HTACCESS:

    AddHandler php5-script .php

RewriteEngine On

RewriteBase /
RewriteRule ^index\.php$ - [L]

# uploaded files
RewriteRule ^([_0-9a-zA-Z-]+/)?files/(.+) wp-includes/ms-files.php?file=$2 [L]

# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule  ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule  ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]

#Add type for jplayer
AddType video/x-m4v .m4v

    ———

    And here is the code I’m trying to add to rewrite http to https for the main site.

    RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.handbellmusicians.org/$1 [R,L]
Viewing 6 replies - 1 through 6 (of 6 total)
  • jkhongusc

    (@jkhongusc)

    RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.handbellmusicians.org/$1 [R,L]

    Translation: all requests on port 80 are redirected to https://www.handbellmusicians.org/$1. That is not what you want. You want something like this (note this is not tested):

    RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} www.handbellmusicians.org [NC]
RewriteRule ^(.*)$ https://www.handbellmusicians.org/$1 [R,L]

    Translation: If the protocol is not https AND the host is https://www.handbellmusicians.org, redirect to https://www.handbellmusicians.org/$1 . Also note that you should be able to use your previous port 80 rewritecond rule if you wanted.

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    ?????? Advisor and Activist

    SSL for only one domain on a network?

    https://halfelf.org/2014/ssl-for-one-domain-on-multisite/

    Thread Starter SchullieRinger

    (@schullieringer)

    Thank you. That solved much of the problem. It let the URL rewrite to https without breaking the sub-sites. And it worked fine in Internet Explorer. However, in Chrome, I get an error saying the website has a redirect loop.

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    ?????? Advisor and Activist

    www.handbellmusicians.org sends me to https://handbellmusicians.org in chrome. Also? AAAUGH! Autoplay! ??

    Thread Starter SchullieRinger

    (@schullieringer)

    That must be what is causing the loop. I wonder where I would find what is causing that. I don’t see anything in the existing htaccess file that would do that.

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    ?????? Advisor and Activist

    1) Does your host do any redirects?

    2) What’s the home/site URLs for that domain in WP? You can check in the DB.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Multisite with Domain Mapping and SSL’ is closed to new replies.