Forum | Really Simple SSL

Not forcing SSL anymore!?

Home Forums General issues Not forcing SSL anymore!?

Viewing 13 posts - 1 through 13 (of 13 total)
  • Author
    Posts
  • #11664
    Ryan
    Guest

    When I first installed Really Simple SSL (regular version, not pro), I was impressed because it seemed so quick and easy.

    But recently, it stopped forcing SSL. People are now able to browse my site using http instead of https. I want “Force SSL” to be enabled again.

    I don’t know why it stopped.

    When I look in my htaccess file, I see that the ReallySimpleSSL section is empty:

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.8]
    # END rlrssslReallySimpleSSL

    And this is what I see in the ReallySimpleSSL debug log:

    ** Detecting configuration **
    plugin version: 2.3.8
    Already on SSL, start detecting configuration
    ssl type: SERVER-HTTPS-ON
    --- force ssl: FALSE
    Mixed content fixer was successfully detected on the front end.
    ** Configuring SSL **
    testing htaccess rules...
    htaccess rules tested successfully.
    checking if .htaccess can or should be edited...
    rules already added in .htaccess.
    converting siteurl and homeurl to https

    How can I fix this?

    Thank you so much for your plugin!

    #11665
    Rogier
    Keymaster

    Hi Ryan,

    For some reason, the redirect rules were removed. They don’t get added again because the comment lines tell the plugin not to do anything. So if you remove the comment lines, and then go to the SSL settings page again, the plugin should add the .htaccess redirect again.

    Let me know if that helps.

    Rogier

    #11670
    Ryan
    Guest

    Hi Rogier,

    I really appreciate your response. Unfortunately, I’ve been unable to get this plugin to work anymore. I’ve even tried completely deactivating it and uninstalling it and deleting all its files and manually removing its section from the htaccess and then redownloading and installing it all over again.

    It still doesn’t force HTTPS.

    So I want to try now to install a previous version of your plugin to see if that works. I see that the latest version was updated 7 days ago. What were the dates on the few versions before this one?

    Maybe I’ll try to install a version from 2 or 3 months ago and see whether that works.

    Thanks!

    #11672
    Ryan
    Guest

    I rolled back to Version 2.3.3 (and didn’t try any versions in between), and it seems to be working fine for me. HTTPS is forced once again. So I’ll just keep this version and try to remember not to update.

    https://really-simple-ssl.com/knowledge-base/how-to-downgrade-to-a-previous-version-of-really-simple-ssl/

    #11676
    Rogier
    Keymaster

    Hi Ryan,
    Could you send me a debug report of your current setup as well? I’m really interested why the new version wouldn’t work. Since your debug report says the .htaccess rules were tested successfully, I would expect them to be inserted without issues.

    In the latest version, I changed the javascript redirect in an internal WordPress redirect. If this is the cause, the internal WordPress redirect apparently doesn’t work in your case.

    I don’t want anyone not being able to upgrade, so I’m thinking about reintroducing the javascript redirect, and giving the internal WordPress redirect as option besides it.

    If in your current setup, you have javascript redirection enabled, and also no redirects in your .htaccess, this might be the cause.

    Rogier

    #11677
    Rogier
    Keymaster

    For the moment, I’ve changed back the fallback redirect to the javascript redirect (2.3.9), as I’ve had a few complaints about this function. Please let me know if this fixes it for you as well.

    #11703
    Ryan
    Guest

    2.3.9 seems to work for me. Thanks for the fix!

    Here is my debug log now:

    ** Detecting configuration **
    plugin version: 2.3.9
    Already on SSL, start detecting configuration
    ssl type: SERVER-HTTPS-ON
    --- force ssl: FALSE
    Mixed content fixer was successfully detected on the front end.
    ** Configuring SSL **
    testing htaccess rules...
    htaccess rules tested successfully.
    checking if .htaccess can or should be edited...
    rules already added in .htaccess.
    converting siteurl and homeurl to https

    I’m not sure why it says force ssl: FALSE when it actually does seem to be forcing SSL.

    #11714
    Rogier
    Keymaster

    The force-ssl the plugin uses internally refers to a situation when no SSL was detected, but the user forces it anyway. That is not the case here, so it’s false.

    Thanks for the feedback.

    In your case, the plugin couldn’t insert the .htaccess rule, so for best performance, I would advise to insert manually a .htaccess redirect.
    https://really-simple-ssl.com/knowledge-base/manually-insert-htaccess-redirect-http-to-https/

    I’ll have to do some research why in your case the redirect wasn’t added automatically, because the .htaccess test was successfull.

    #11907
    Robert Schmitt
    Participant

    Hi,

    Seems I have the same issues ….

    ** Detecting configuration **
    plugin version: 2.3.9
    Already on SSL, start detecting configuration
    ssl type: SERVER-HTTPS-ON
    — force ssl: FALSE
    Mixed content fixer was successfully detected on the front end.
    ** Configuring SSL **
    testing htaccess rules…
    htaccess rules tested successfully.
    wp config jetpack fix already in place
    checking if .htaccess can or should be edited…
    rules already added in .htaccess.
    converting siteurl and homeurl to https

    .htaccess

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.9]
    <IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    </IfModule>
    <IfModule mod_headers.c>
    Header always set Strict-Transport-Security ‘max-age=31536000’ env=HTTPS
    </IfModule>
    # END rlrssslReallySimpleSSL
    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress

    #11918
    Rogier
    Keymaster

    Hi Robert, what issue do you have? your .htaccess looks right (redirecting to SSL), and the debug does not show any issues. What domain are we talking about, so I can take a look? In general, it’s best to start a new topic, because in most cases the issues are not the same.

    #11919
    Robert Schmitt
    Participant

    Hi..

    http://www.adi.works thx for the swift reply .. will do next time and open a new topic..

    you say it looks right but don’t force ssl: FALSE have to be true?

    Robert

    #11921
    Rogier
    Keymaster

    There is an option “force SSL without ssl detection” in the plugin, which you only need if Really Simple SSL does not detect SSL. In that case, you can “force SSL”, even though no SSL was detected. So that is what that message means. The debug and .htaccess tell me that SSL is forced for your website, so you’re good!

    #11922
    Robert Schmitt
    Participant

    Hi Rogier,

    Thx for you info and reply.. I will start a another topic about Mixed content..

    Have a qeustion..

    Thx Robert

Viewing 13 posts - 1 through 13 (of 13 total)
  • The topic ‘Not forcing SSL anymore!?’ is closed to new replies.

Subscribe