Redirect Entire Site to HTTPS

  • Resolved James Hall

    (@putarguygmailcom)


    8 years, 9 months ago

    I moved a 300+ page WP site from http to https about 6 months ago and have been experiencing weird bouncing around in the SERPS for all engines. Today I decided to look closer because my smaller sites don’t do this. I ran the IIS SEO bot/tool to crawl it for errors. I found it had about 5000 redirect loop errors that aren’t noticeable on the frontend – it usually loads in under 3 seconds.

    I used the headers output tool at AskApache to see the output, and get a definite redirect loop error that closes with: “HTTP/1.1 400 Bad Request”

    My htaccess code looks like this:

    <IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R=301,L]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

    I’ve tried about 200 changes to this code today trying to resolve the loop problem. When I ran the tool against www.remarpro.com it redirects http requests via a 301 and stops as it should, but the www.remarpro.com server is using NGINX instead of Apache or I would ask for a copy of that code.

    I have edited the general settings for my install to both point to https:// and have had a “green address bar” for months until today. When I started playing around with the htaccess, it caused all of my images on the site to revert to https:// URI’s??

    Two separate problems that are somehow connected, but I’d be glad to know how to resolve the redirect loop most of all. I read a ton of articles here about how to configure this, and every one I checked had an invisible redirect loop problem as well. Both Google and Bing say this will severely affect rankings in a bad way.

Viewing 8 replies - 1 through 8 (of 8 total)

  • James, Try to update your .htaccess with the following code.

    # BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

# BEGIN Force http to https
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
# END Force http to https

    Let me know how this goes.

    Thread Starter James Hall

    (@putarguygmailcom)

    Same result – HTTP/1.1 400 Bad Request.
    Here are my “Response Headers”:

    * Connected to www.wake-up.org (143.95.34.102) port 443 (#0)
> GET / HTTP/1.1
> Host: www.wake-up.org
> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> Accept-Language: en-US,en;q=0.5
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Accept-Encoding: gzip, deflate
> Connection: keep-alive
> Referer: https://www.askapache.com/online-tools/http-headers-tool/
> Cache-Control: max-age=0
> Keep-Alive: 115

< HTTP/1.1 302 Found
< Date: Tue, 09 Feb 2016 04:27:09 GMT
< Server: Apache
< Location: https://www.wake-up.org/
< Vary: Accept-Encoding
< Content-Encoding: gzip
< Content-Length: 186
< Keep-Alive: timeout=5, max=256
< Connection: Keep-Alive
< Content-Type: text/html; charset=iso-8859-1
--------------------------------------------------------------------------------

> GET / HTTP/1.1
> Host: www.wake-up.org
> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> Accept-Language: en-US,en;q=0.5
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Accept-Encoding: gzip, deflate
> Connection: keep-alive
> Referer: https://www.wake-up.org/
> Cache-Control: max-age=0
> Keep-Alive: 115

< HTTP/1.1 400 Bad Request
< Date: Tue, 09 Feb 2016 04:27:10 GMT
< Server: Apache
< Content-Length: 347
< Connection: close
< Content-Type: text/html; charset=iso-8859-1

    I understand about HTTP/1.1 400 Bad Request. but that seems the different issue than what the title says “Redirect Entire Site to HTTPS”.

    The code I provided above is what redirects the whole site to https.

    Thread Starter James Hall

    (@putarguygmailcom)

    Thanks for looking at the issue Dipak. However, if I remove the “force ssl” code (yours or mine) the response headers are perfect with no “Bad Request” error. That is a generic Apache error, and what is shown when a redirect loop is happening.

    The “force ssl” code is only being added to FORCE the whole site to use ssl. I don’t want a duplicate content penalty for having both HTTP and HTTPS versions of the site. However, every snippet of regex I’ve tried either doesn’t redirect all traffic to HTTPS or results on a redirect loop.

    Thread Starter James Hall

    (@putarguygmailcom)

    RESOLVED:

    First I removed the redirect regex on lines 3 and 4 from my original post, then installed the “Really Simple SSL” plugin by Rogier Lankhorst.

    Originally, this issue came about from many warnings in Bing Webmaster Tools. I discovered that I had added these sites to “My Sites” before I moved them over to HTTPS. I had to delete the sites from BWT and add them back again. It now shows that they’re being crawled correctly.

    Another coder over at https://www.codementor.io showed me 2 other header checking sites that showed correct “HTTP/1.1 200 OK” responses. Those sites were: https://tools.seobook.com/server-header-checker/ and https://web-sniffer.net/

    Be sure to check multiple sources if you have the same issue. Good luck!

    Code from Dipak is in the right direction, but I’d reverse the blocks. So:

    <IfModule mod_rewrite.c>
# BEGIN Force http to https
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{HTTP_HOST}/$1 [R=301,L]
# END Force http to https
</IfModule>

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

    But I really think your problems root cause/culprit is in your database. I posit that your db still has a ton of links to http references, such as to your media files like images. What you need to do is search your entire db for references to https:// and replace with https://. It’s not enough to just setup redirects to https, you need to link to https everywhere.

    Ok actually I just used my headers tool to check https:// wakeup and there is definitely a problem other than htaccess.

    You need to find the error log for apache, and then paste in the relevant lines here. A 400 Bad Request error is indicative of a more serious problem than just a https => http redirect, or any redirect. You should also paste in your entire htaccess file (cleaning it to remove any identifiable strings).

    Until this issue is resolved your site will be fubar

    Thread Starter James Hall

    (@putarguygmailcom)

    Thank you for looking at this AskApache!
    I had the same thought about the database the other day and after your post I downloaded a fresh copy and found/replaced 10,086 occurrences of https://www.mydomain with https://www.mydomain – you were right about that.

    I didn’t want to take the site down so I made a new database and imported the edited version there, then updated my wp-config to reflect the change (I was afraid of serialized data corruption).

    Unfortunately, it didn’t fix it and your header-test-tool still shows a 400 Bad Request error.

    I had my hosting company look at the issue and this was their reply:

    The online tools which you are using don’t appear to integrate with SNI and the following error is recorded when a test is initiated:

    [Mon Feb 15 01:25:55 2016] [error] Hostname xx.xx.xx.xx (the IP addresss) provided via SNI and hostname wake-up.org provided via HTTP are different

    Then, they offered no solution.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Redirect Entire Site to HTTPS’ is closed to new replies.