RS-SSL Edits to .htaccess AND wp-config

[Jim Nelson]

While troubleshooting the SSL installation on on our network with the RS-SSL Multisite Pro plugin, I selected the WordPress 301 redirect method, and then later reverted back to the .htaccess redirect method.

I now notice there are related edits to both our wp-config file and .htaccess file, which I include below.

Should both files still include these edits if we want to use the .htaccess method? I read that is faster, right? Can I safely remove the wp-config edit? Does the plugin not remove these edits when selecting the other method?

Sorry for so many questions. I searched and couldn’t find any relative answers. I am still trying to work out an issue we’re having with mapped domains and would like to rule out the fact that these edits may be conflicting each other, and I just don’t know if they should both remain.

Thank you in advance for clarification!

wp-config.php addition:
//Begin Really Simple SSL session cookie settings
@ini_set(‘session.cookie_httponly’, true);
@ini_set(‘session.cookie_secure’, true);
@ini_set(‘session.use_only_cookies’, true);
//END Really Simple SSL

.htaccess file addition:

# BEGIN rlrssslReallySimpleSSL rsssl_version[3.0.5]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

[Rogier]

Hi Jim,

The wp-config edits are not related to the .htaccess edits. The lines you see in the wp-config are used to ensure cookies are set securely. I would recommend to leave both.

Let me know if you have any questions!

[Jim Nelson]

the wp-config are used to ensure cookies are set securely.

Thank you for the clarification!

For native domain mapping, the WordPress Codex suggests adding the line below to .htaccess if login or cookie issues are encountered on sited with mapped domains.

define('COOKIE_DOMAIN', $_SERVER['HTTP_HOST']);

Will the declarations RS-SSL adds play nice with this? Or is one method preferred over the other?

[Jim Nelson]

WordPress Codex suggests adding the line below to .htaccess

CORRECTION: This edit is suggested for wp-config.php, not .htaccess.

[Rogier]

This code is also not related to the secure cookies setting, so these can be used together without any issues.

[Jim Nelson]

Thanks for the feedback. I finally have SSL covering all our sites on the network, including those with mapped domains. That last part was a challenge, but the multisite pro plugin is a great tool. Great work!

[Author]

Posts