Author: Leon Wimmenhoeve
Remove .htaccess redirect on site lockout
The .htaccess is the fastest redirect, so why not enable it by default? When you enable the setting “301 .htaccess redirect” under Security -> Settings -> SSL, Really Simple Security includes the most suitable HTTPS redirect and then opens a test page to verify that this option won’t result in redirect loops. Even so, the detected redirect could cause a loop: there are a lot of server configurations, and some respond unexpectedly to the proposed rules. If this happens, you
Redirection to subfolder domains redirects to https://www.domain.com/domain.com
If you run multiple single-site WordPress installs in one hosting account, and your root .htaccess routes each domain to its own folder (for example): RewriteEngine on RewriteCond %{REQUEST_URI} !^/domain/ RewriteCond %{HTTP_HOST} ^domain.com$ [NC,OR] RewriteCond %{HTTP_HOST} ^www.domain.com$ RewriteRule ^(.*)$ /domain/$1 [L] Really Simple Security’s default HTTPS redirect can conflict with this setup and produce incorrect URLs such as: https://www.domain.com/domain.com To fix this, add domain-specific redirect rules to the root .htaccess; the file in the folder that contains all site folders. It
My website is in a redirect loop
When you experience a redirect loop (the browser shows the “too many redirects” or ERR_TOO_MANY_REDIRECTS error), this can be caused by several things, and we’ve listed the most common causes below. Most checks can be done without access to the back-end. If these steps all fail, and you still have a redirect loop, you can try to activate Really Simple Security in safe mode. This will activate Really Simple Security without a redirect and without your site URL becoming https.
Redirect loop in WordPress admin only, not on front end
WordPress depends on a variable, $_SERVER[“HTTPS”] to check if it is on SSL. As a consequence, when this variable is not set and SSL is forced, WordPress tries to redirect back to http. This causes redirect loops on the back-end only, and not on the front-end. Really Simple Security fixes this by adding the following line to your wp-config.php file: $_SERVER[“HTTPS”] = “on”; If you have enabled the Really Simple Security plugin and clicked “Activate SSL”, but still experience this
www not redirecting to non-www on Cloudflare
Recently I encountered an interesting issue with redirection from www to non-www. The non-www site worked perfectly after migration to SSL, but the www site gave a 404 Not Found error or an SSL server error. The issue was eventually resolved by the hosting company. If a user has connected a site to Cloudflare using the service offered by many hosting providers within Cpanel, then ONLY the domain at the root will be used. If you have installed your site