cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SSL on main domain but not on addon domain on cPanel. .htaccess solution

This might help others. I host on cPanel and have two domains, the main domain and one addon. I purchased an SSL certificate for the main domain and installed it. However, when I created the standard .htaccess file to redirect http to https, it generated security errors when I attempted to go to my addon domain (technically a subdomain and not covered by my Standard SSL). I got the "return to safety message" on Chrome. I dug around and found lots of .htaccess solutions for similar solutions, but none of them worked. I ended up combining two and came up with a .htaccess that works for this situation. It redirects the main domain to https, and does not redirect the addon domain so everything works again. I would think that this is a fairly common problem so here is the solution.

 

RewriteEngine on
#exclude youraddondomain.com (or .info or .net etc)
RewriteCond %{HTTP_HOST} !youraddondomaine\.com [NC]
#http to https
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

 

Where you would replace youraddondomain with your domain name and the .com with the appropriate suffix. 

 

Neither half of this original to me. I just put them together. 🙂

 

3 REPLIES 3
Rockstar II


@lightshedder wrote:

This might help others. I host on cPanel and have two domains, the main domain and one addon. I purchased an SSL certificate for the main domain and installed it. However, when I created the standard .htaccess file to redirect http to https, it generated security errors when I attempted to go to my addon domain (technically a subdomain and not covered by my Standard SSL). I got the "return to safety message" on Chrome. I dug around and found lots of .htaccess solutions for similar solutions, but none of them worked. I ended up combining two and came up with a .htaccess that works for this situation. It redirects the main domain to https, and does not redirect the addon domain so everything works again. I would think that this is a fairly common problem so here is the solution.

 

RewriteEngine on
#exclude youraddondomain.com (or .info or .net etc)
RewriteCond %{HTTP_HOST} !youraddondomaine\.com [NC]
#http to https
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

 

Where you would replace youraddondomain with your domain name and the .com with the appropriate suffix. 

 

Neither half of this original to me. I just put them together. 🙂

 


@lightshedder Did you purchase the domain for two sites? You'll more than likely need an upgraded SSL that covers multiple sites.

---

Yes I did purchase both domains...or rather I owned the one I am using on the addon, and bought a new one for the main domain. And with the .htaccess installed as above, it works fine. I do not need SSL on the addon site as is only kind of repository for old work I did years ago and no one visits it much anyway. As long as it does not generate security errors I am fine with it. 🙂

interesting, this solution did not work for me and im using the exact lines you posted, 

 

I need the Main domain ssl and the sub domain http. 

 

where you have "yourdomain" i put the domain that i want http only, 

 

RewriteEngine on
#exclude no-ssl-domain.com (or .info or .net etc)
RewriteCond %{HTTP_HOST} !no-ssl-domain\.com[NC]
#http to https
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]