Hi does anyone know about SSL code please? I received the link below with some code from godaddy but it seems to have made my security message warning worse? I have installed the SSL certificate ok and also made the recommended changes in Wordpress from HTTP to HTTPS under settings general.
This code is I used and put in the htaccess file in the /public_html/ folder is below and I changed their ^coolexample\.com$ to my domain ^knockoutpics\.co.uk$
I simply changed the .com to .co.uk and tried it with a backslash .co\.uk also but this did not work either? Is it something to do with me being in the UK and not using a .com?
Solved! Go to Solution.
The first thing that struck me:
RewriteCond %{SERVER_NAME} ^knockoutpics\.co.uk$ [OR]
RewriteCond %{SERVER_NAME} ^www\.knockoutpics\.co.uk$
you don't escape the last "."
RewriteCond %{SERVER_NAME} ^knockoutpics\.co\.uk$ [OR]
RewriteCond %{SERVER_NAME} ^www\.knockoutpics\.co\.uk$
———
I've worked around (not only) SSL security for over 20 years in enterprises and startups.
I am now running an HTTPS expiry management service KeyChest.net
I have used a lot of help from open-minded communities and I try to repay some of that help.
this is the entire code for info... the second part was already in my htaccess file...
# BEGIN GD-SSL
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_USER_AGENT} ^(.+)$
RewriteCond %{SERVER_NAME} ^knockoutpics\.co.uk$ [OR]
RewriteCond %{SERVER_NAME} ^www\.knockoutpics\.co.uk$
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
Header add Strict-Transport-Security "max-age=300"
</IfModule>
# END GD-SSL
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
.. and one more thing. I have just searched for .htaccess in cpanel and its come up with all those below. I have only edited the one directly under the public.html folder only as advised by the godaddy link. Is this right? Not sure if I should add the code in those below too (the ones in bold maybe?)
/public_html/.htaccess | |
/public_html/wp-content/plugins/akismet/.htaccess | |
/public_html/knockoutpics.co.uk/.htaccess | |
/public_html/knockoutpics.co.uk/wp-content/plugins/akismet/.htaccess | |
/public_html/knockoutpics.co.uk/wp-includes/.htaccess | |
/public_html/wp-includes/.htaccess | |
/public_html/Wordpress/.htaccess | |
/public_html/Wordpress/wp-content/plugins/akismet/.htaccess | |
/public_html/Wordpress/wp-includes/.htaccess |
The first thing that struck me:
RewriteCond %{SERVER_NAME} ^knockoutpics\.co.uk$ [OR]
RewriteCond %{SERVER_NAME} ^www\.knockoutpics\.co.uk$
you don't escape the last "."
RewriteCond %{SERVER_NAME} ^knockoutpics\.co\.uk$ [OR]
RewriteCond %{SERVER_NAME} ^www\.knockoutpics\.co\.uk$
———
I've worked around (not only) SSL security for over 20 years in enterprises and startups.
I am now running an HTTPS expiry management service KeyChest.net
I have used a lot of help from open-minded communities and I try to repay some of that help.