Results 1 to 12 of 12

Thread: http to https redirect not working on 1 website

  1. #1
    Join Date
    Apr 2006
    Location
    Miami Beach
    Posts
    200

    http to https redirect not working on 1 website

    I have set up a number of websites using letsencrypt on apache and they all work fine except one... ALL sites automatically redirect http to https as selected in the DA panel, but http://nexxterra.com does not... even with an added .htaccess entry telling it to do so!
    Any other things I may be missing?
    Thanks
    Nexxterra.com Web Hosting and Domain Registration
    MassiveServers.com Dedicated servers - Unmetered bandwidth
    BuyAWebName.com Domain name registration

  2. #2
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    3,487
    Well... it might be your .htaccess is wrong or some other entry is preventing it to work correctly.
    If I visit the site entering https://nexterra.com directly I do get the https and the green padlock.

    Can you place the .htaccess you used?
    Greetings, Richard.

  3. #3
    Join Date
    Apr 2006
    Location
    Miami Beach
    Posts
    200
    Should this not take care of this issue? "Use a symbolic link from private_html to public_html - allows for same data in http and https"
    I now have the same issue for http://lhrcrehab.com and that site does not use an htaccess file
    The sites like http://pets4pals.com that have the very same configuration, redirect automatically, yet a few new sites do not...
    Nexxterra.com Web Hosting and Domain Registration
    MassiveServers.com Dedicated servers - Unmetered bandwidth
    BuyAWebName.com Domain name registration

  4. #4
    Join Date
    Aug 2015
    Posts
    314
    Then you need to create a .htaccess file in the root directory of your website to force an HTTPS connection.
    something like this:

    Code:
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    Kind regards, Fred

    Alentejo Webdesign
    Webdesign with Passion is what we do
    Web development, Hosting, Speed Optimizing & More......

  5. #5
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    3,487
    Should this not take care of this issue? "Use a symbolic link from private_html to public_html - allows for same data in http and https"
    No, this only takes care that you don't have to place the https part of a site in the private_html and that you can use http as wel as https in public_html.

    The sites like http://pets4pals.com that have the very same configuration, redirect automatically, yet a few new sites do not...
    They are using some kind of redirect, maybe by a redirect made in their customer panel, but they did it wrongly, should have used a 301 redirect:
    Result

    http://pets4pals.com
    302 Found
    https://pets4pals.com/
    200 OK

    Problems found:
    You use a 302 redirect. This means, that the actually content is temporary not reachable and will come back soon. To use a 302 redirection for generally moved pages is a bad idea. Search engine bot might not follow it or handle it as temporary. For SEO this is also a bad idea, because no link juice will be transferred to the linked page.
    AWD is right, you should use a .htaccess or vhost redirect.
    Last edited by Richard G; 04-24-2018 at 05:33 PM.
    Greetings, Richard.

  6. #6
    Join Date
    Apr 2006
    Location
    Miami Beach
    Posts
    200
    Quote Originally Posted by Richard G View Post
    No, this only takes care that you don't have to place the https part of a site in the private_html and that you can use http as wel as https in public_html.


    They are using some kind of redirect, maybe by a redirect made in their customer panel, but they did it wrongly, should have used a 301 redirect:


    AWD is right, you should use a .htaccess or vhost redirect.
    This is what I have had ....
    ----------------------------------------------------------------------------------------------------------------------------------------


    # Https redirect
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    # Announcements
    RewriteRule ^announcements/([0-9]+)/[a-z0-9_-]+\.html$ ./announcements.php?id=$1 [L,NC]
    RewriteRule ^announcements$ ./announcements.php [L,NC]

    # Downloads
    RewriteRule ^downloads/([0-9]+)/([^/]*)$ ./downloads.php?action=displaycat&catid=$1 [L,NC]
    RewriteRule ^downloads$ ./downloads.php [L,NC]

    # Knowledgebase
    RewriteRule ^knowledgebase/([0-9]+)/[a-z0-9_-]+\.html$ ./knowledgebase.php?action=displayarticle&id=$1 [L,NC]
    RewriteRule ^knowledgebase/([0-9]+)/([^/]*)$ ./knowledgebase.php?action=displaycat&catid=$1 [L,NC]
    RewriteRule ^knowledgebase$ ./knowledgebase.php [L,NC]

    # OpenID Discovery Document (http://openid.net/specs/openid-conne...overy-1_0.html)
    RewriteRule ^.well-known/openid-configuration ./oauth/openid-configuration.php [L,NC]

    ---------------------------------------------------------------------------------------------------------------------------------

    Does not work... this is why my original post...
    Nexxterra.com Web Hosting and Domain Registration
    MassiveServers.com Dedicated servers - Unmetered bandwidth
    BuyAWebName.com Domain name registration

  7. #7
    Join Date
    Aug 2015
    Posts
    314
    It could be a setting in whmcs?
    Can you try this?
    Code:
    ## HTTP to HTTPS ##
    
    RewriteEngine On
    
    RewriteCond %{HTTPS} !=on
    
    # This check to make sure the connection is not already HTTPS
    
    RewriteCond %{HTTP_HOST} ^(www\.)?NEXXTERRA\.com$ [NC]
    
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    Kind regards, Fred

    Alentejo Webdesign
    Webdesign with Passion is what we do
    Web development, Hosting, Speed Optimizing & More......

  8. #8
    Join Date
    Apr 2006
    Location
    Miami Beach
    Posts
    200
    Nope, no luck with that either...
    Nexxterra.com Web Hosting and Domain Registration
    MassiveServers.com Dedicated servers - Unmetered bandwidth
    BuyAWebName.com Domain name registration

  9. #9
    Join Date
    Aug 2015
    Posts
    314
    First make sure mod_rewrite is enabled. It is enabled by default, but just to be sure.
    Please set your original setting in .htaccess back as it is correct. The in the post before mentioned was just something to try.
    Code:
    RewriteCond %{HTTPS} off
    RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    Did you try to redirect HTTP to HTTPS through Apache Virtual Host? Same result?

    Further I see that you have mixed content on nexterra.com. You need to correct that.
    Code:
    Mixed Content: The page at 'https://nexxterra.com/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://nexxterra.com/dologin.php'. This endpoint should be made available over a secure connection.
    If it is not working, Im afraid the custom website cause issues with the mentiones methods. So maybe you need someone to take a look into the code.
    Last edited by Awd; 05-02-2018 at 09:50 AM.
    Kind regards, Fred

    Alentejo Webdesign
    Webdesign with Passion is what we do
    Web development, Hosting, Speed Optimizing & More......

  10. #10
    Join Date
    Apr 2006
    Location
    Miami Beach
    Posts
    200
    Getting absolutly nowhere...did you not read that this is occuring on EVERY new website I am setting up with DA and lets encrypt?
    As for mixed content, I have NO custom site, my entire nexxterra.com website is a straight out of the box WHMCS site, with no modifications except for adding 6 html boxes on the index page...
    However, that does not address the same issue I an having on about 12 more websites that are totally unrelated to this one.
    Nexxterra.com Web Hosting and Domain Registration
    MassiveServers.com Dedicated servers - Unmetered bandwidth
    BuyAWebName.com Domain name registration

  11. #11
    Join Date
    Aug 2015
    Posts
    314
    Getting absolutly nowhere...did you not read that this is occuring on EVERY new website I am setting up with DA and lets encrypt?
    No, your title of this Topic says: http to https redirect not working on 1 website

    Later on you make mention of some other websites.

    I am out of ideas, maybe someone else can bring something on?
    Kind regards, Fred

    Alentejo Webdesign
    Webdesign with Passion is what we do
    Web development, Hosting, Speed Optimizing & More......

  12. #12
    Join Date
    Oct 2004
    Location
    London, UK
    Posts
    6,758
    An easy .htaccess redirect is:
    Code:
    RewriteEngine On
    RewriteCond %{HTTPS} !on
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    If you go on the https website and you got the mixed content warning you need to inspect the page and find the http call, because even if those are redirected are still considered unsecure because the call is made on HTTP and not HTTPS, doesn't matter if that gets redirected afterwards.

    For WP a suggestion is to use the plugin "Better Search Replace" and apply those changes:
    http://www.domain.tld
    to
    https://www.domain.tld

    and
    http://domain.tld
    to
    https://domain.tld

    This will change every call made from the website for the same domain from HTTP to HTTPS (usually are images).

    Hope it helps

    Best regards
    SeLLeRoNe - Andrea Iannucci
    Head of Managed Service - Senior DevOps Engineer
    If you need my support write me an E-Mail to Support@CrazyNetwork.it

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •