Really Simple SSL

Avoid landing page redirects, redirecting www to non www or vice versa

Rogier

Rogier

Share on facebook
Share on twitter
Share on linkedin

Google encourages to “avoid landing page redirects”. But in case of SSL, this recommendation may conflict with SSL best practices. At the same time, 1 or 2 redirects, as long as they are 301 permanent, are not harmfull at all. Let me explain.

Why is there a double redirect in my site?

WordPress internally redirects your site to the primary domain, which is entered in settings/general. For example, when your site url is http://www.domain.com, and you type in http://domain.com, WordPress redirects to the www domain.

Really Simple SSL adds another redirect: from http to https. To follow best practices, the redirect is by default to the https variant of the request url. So if you type in http://domain.com, Really Simple SSL will redirect to https://domain.com. WordPress will then redirect to the www domain. Google will give a notice about this to “avoid landing page redirects”. Consequently, some think that this is bad for SEO and site speed, I don’t agree: two redirects on your site will not cause any SEO issues, and as for sitespeed: such redirects are only active when users request an “old” url, and furthermore, are very fast when implemented in the .htaccess.

Don’t avoid landing page redirects when using HSTS

HSTS is an important reason not to avoid landing page redirects: the HSTS preload list requires your site to redirect to https first, then to www or non www. If you want to preload your site on the preload list, don’t try to avoid this one extra landing page redirect.

Why is this important? HSTS headers should only be sent when the connection is https. As a result, if you would redirect http://domain.com directly to https://www.domain.com in one redirect, the non-www domain does not set the HSTS header. This would enable a man in the middle to show a malicious non https site to an unsuspecting visitor. HSTS is not set on the non-www domain, so the browser can show the fake website where the hacker can request personal data from the user, who is thinking he is on your website.

Please note that these redirects are only activated when the url is requested over the non-primary domain. As all redirects are done with 301 redirects, search results will only show the primary domain, and your users will never experience a redirect. Only old links on the web can cause a redirect.

Another issue with redirects: no SSL on www, or on non-www

You might also have SSL only for the www domain, or only for the non-www domain. If that is the case, you’ll find that your non SSL domain won’t function anymore if you move to ssl. To counter this, you could redirect all  requests coming in on the non www domain to the www domain.

How to bypass these redirects

You can also edit the .htaccess (edit the .htaccess file that’s in your web root, where the wp-config.php is) manually, by adding these lines (please note: add these lines outside the WordPress and Really Simple SSL comments)

#redirect non-www to www
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

These rules in human language:

When rewrite condition “all domains that not start with www” is met
Redirect to the www domain.

If you want www redirecting to non www, add this to your .htaccess:

RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]

RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

The end result in your .htaccess should look something like this, where the new redirect is added separately above the redirect inserted by Really Simple SSL:

#redirect all www requests to non-www.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
</IfModule>

#redirect all non https requests to SSL
# BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.11]
<IfModule mod_rewrite.c> RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%/$1 [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

Related articles

58 Responses

  1. Hi Rogier,

    Is there a specific place in the .htaccess where we should put this code to make it work correctly? I want to make sure that is anyone types http://www.certificacione.com or http://www.certificacione.com it gets redirected automatically to https://certificacione.com as my SSL doesn’t work with the www (gives a security warning in the browser). I try inserting your code as follows but I dont see the redirection from www to non www happening. Let me know if I place it in the wrong place or with the wrong format.

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.14]

    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    # END rlrssslReallySimpleSSL

    # BEGIN WordPress

    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

    # END WordPress

    RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
    RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

  2. Could you try the following:
    Add it to the top, and add “rewrite engine on” before, see example below. Let me know if that helps!

    RewriteEngine on
    RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
    RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.14]
    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    # END rlrssslReallySimpleSSL
    # BEGIN WordPress
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    # END WordPress

    1. Hi Rogier,

      Thank you for this info. I too, have an issue with this code. HTTP has moved to HTTPS on a site I manage. 301 to 200. I’m receiving “remove redirect chain” in pingdom. The code
      #redirect non-www to www
      RewriteCond %{HTTP_HOST} !^www\.
      RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

      is the only one that seems to work without crashing the site, but it doesn’t solve the redirect. Sort of confused how to solve the rest of it. Help would be much appreciated!

      1. Hi,

        on what domain are you experiencing issues? Having a redirect chain from example http:// -> https:// -> https://www isn’t an issue. Can you check if the site address in WordPress also includes www?

        Mark

          1. Does visiting the site on the front-end also result in a redirect loop?

            The redirect you have provided seems to fine, it only does one redirect from http:// to https://www. Having at least one redirect is normal when your site is on https://. When a user types in http://yourdomain.com they will be redirect to https://www.yourdomain.com in your case. The only way to visit the site without redirects is visiting the https://www.yourdomain.com domain directly.

  3. Hello!
    Sorry to disturbe you, but I have problems with redirect from www to non www.

    http://mysite.com > https://… works great
    But http://www.mysite.com and https://www.mysite.com do not works to redirect to https://mysite.com

    Sorry for my bad english. Code from my htaccess is here:

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.4.3]

    RewriteEngine on
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    # END rlrssslReallySimpleSSL
    # BEGIN WordPress

    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

    # END WordPress

  4. hallo i have a problem!
    i have managed to put
    #redirect all www requests to non-www.

    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
    RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

    and everything is ok with https look but when i add the rest code i camnnot enter the site! can you help?

    #redirect all non https requests to SSL
    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.11]
    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    i place it right after the first code

    thanks for your time

    1. Hi Giorgos,

      it would be easier to enable the ‘htaccess redirect’ option in the Really Simple SSL options because that will choose the best solution for you automatically and you don’t have to worry about editing the file yourself :). If that didn’t work and you need to edit the .htaccess and now your site is not working anymore, could you explain what error message you are getting exactly?

      Mark

  5. You can follow the steps in this article, or you can use Really Simple SSL pro, which handles this as well if you enable .htaccess redirect.

  6. Hello,
    I’m using your example on my blog. It FIXED the landing page error, but it screwes some photos that are not displayed.

    Please let me know where is the error if you can spot it.

    # DO NOT REMOVE THE FOLLOWING LINE
    AddType application/x-httpd-php55 php

    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_HOST} !^www\.
    RewriteCond %{HTTPS} !=on
    RewriteRule ^(.*) https://www.%{SERVER_NAME}/$1 [L,R=301]
    RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ – [F,NC]

    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

    ExpiresActive On
    ExpiresByType text/html “access plus 1 month 1 days”
    ExpiresByType image/gif “access plus 1 month 1 days”
    ExpiresByType image/jpeg “access plus 1 month 1 days”
    ExpiresByType image/png “access plus 1 month 1 days”
    ExpiresByType text/css “access plus 1 month 1 days”
    ExpiresByType text/javascript “access plus 1 month 1 week”
    ExpiresByType application/x-javascript “access plus 1 month 1 days”
    ExpiresByType text/xml “access plus 1 seconds”
    ExpiresDefault “access plus 2 days”

    # END WordPress

    1. Hi Dan,

      on what domain do you experience these issues? I’ve taken a look at computerblog.ro but don’t see anything wrong at first sight. If you can give me an example of a page or other domain where you experience these issues we can take a look.

      Mark

  7. Hello,
    I am using this
    #redirect all www requests to non-www.

    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^www.(.*)$ [NC]
    RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

    #redirect all non https requests to SSL
    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.11]
    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    # END rlrssslReallySimpleSSL

    But the following code doesn’t work for my domain https://banglatribunes.com

    1. Hi,

      can you try to place the following code, including at the top of your .htaccess file?


      RewriteEngine On
      RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
      RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

      #redirect all non https requests to SSL
      # BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.11]
      RewriteEngine on
      RewriteCond %{HTTPS} !=on [NC]
      RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

      # END rlrssslReallySimpleSSL

    1. Hi,

      it looks like there is one additional redirect in your chain. If the site address in the WordPress general settings is https://yourdomain.com, a request from http://yourdomain.com should redirect to https://yourdomain.com without any redirects in between. If it redirects to http://www first is likely an additional redirect configured in your .htaccess file. Sometimes you can have two redirects. When a users visits http://www.yourdomain.com they will first be redirected to https://www.yourdomain.com and then https://yourdomain.com. This is normal and nothing to worry about. To eliminate this entirely and redirect every request to https://yourdomain.com you can try to add the following code to your .htaccess file:

      #redirect all www requests to non-www.

      RewriteEngine On
      RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
      RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

      1. Thanks so much,

        So if someone wants to redirect from non-www to www, would the following code be correct?

        #redirect all non-www requests to www.

        RewriteEngine On
        RewriteCond %{HTTP_HOST} ^non-www\.(.*)$ [NC]
        RewriteRule ^(.*)$ https://www%1/$1 [R=301,L]

        1. There is one line not entirely correct (the ^non-www/ one). The correct code to redirect from non-www to www is:

          RewriteEngine On
          RewriteCond %{HTTP_HOST} !^www\.
          RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

  8. Hi
    Thanks for this article. I must be missing something as I cannot get pingdom to stop telling me:
    Remove the following redirect chain if possible:

    http://mydomain.com/
    https://mydomaincom/
    https://www.mydomain.com/

    No matter what code I use from this page – and I’ve litterally spent over an hour reposting my htaccess file with variations from this site — nothing stops the pingdom advice? I did the smae yesterday from stackexchange. Surely it shouldn;t be this diffcult, so why is there so much conflicting advice?

    I have a simple WordPress site with ssl. Why is this so difficult as nothing apopears to make the slightest difference?

    Thanks for any insights,

    Beyond frustrated…

    1. The point of this article is that Pingdom is wrong about these redirects where it concerns SSL: you should leave these redirects as they are. Pingdom treats SSL redirects just as any other redirect, which is not the correct approach. Nevertheless, the .htaccess snippets posted here are tested and working examples of how you could do this if you don’t want to use best practices on your site.

      1. Thank you Rogier,

        Is it not the case that if someone types in mydomain.com that it is having to be redirected to https://mydomain and then again onto https://www.mydomain, isn’t that causing a second or two delay in showing my page?

        What resource would you recommend to see why a site is slow? The webhost says “the network connection time measure was within the reasonable 300 ms. The time to first byte depends on the CMS.”

        I can visit my website here in Herts. UK and my webhost is 20 miles up the road in Berks. and it can still take 5+ seconds for the site to fully load and that’s with cloudflare, the webhost optimising the WPSupercache plugin settings and any plugins not used deactivated, plus the database has been optimised.

        Periodically my site can take 10 seconds to update a save when I am editing a page or post. It’s been going on a long time but no-one (cloudflare, my host or web developers) can explain why – it’s not a big site either with heavy graphics, just a blog.

        Any ideas gratefully appreciated as it’s getting to the point now where I am thinking of pulling the site? (I have most of my first page organic google rankings – due to going onto the “wonderful cloud” and having a clash with my hosts rotating cloud IP’s and Cloudflare black listing some of the IP’s and this causing a site defacement of my css, hence google demoting me).|

        Cheers
        Ian

        1. Hi Ian,

          Two redirects might cause a slight delay, but this certainly is not the cause of your response issue: a redirection only applies to users who request your site over http://. As Really Simple SSL adds a 301 redirect and Google will list sites only with https after the switch, this only applies to direct visits to the http:// URL on the first visit.

          As you yourself have this issue, this cannot be caused by the redirect. Usually, if a site is slow, this is caused by third party scripts delaying the loading of the site. I would recommend to use WP Rocket or Fastest Cache for caching, which in my opinion are the best caching plugins. If this doesn’t help, I would try deactivating plugins and switching to a default WP theme to test if this helps.

          As testing tool I would recommend tools.pingdom.com

  9. I’ve don it at the way said here (and in the comments):

    Above the htacces I put:
    #redirect non-www to www
    RewriteEngine On
    RewriteCond %{HTTP_HOST} !^www\.
    RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
    #end redirect non-www to www

    but still when I go to http://ptera.nl it give a false.

    What is my solution?

  10. Hi i have a simple a question and excuse me if im a big noob, my hosting company added the script by itself to hatccess and its working perfectly for http://www.alahas.com.do, do i have to leave unchecked the options wordpress redirect 301, htacces and javascript in the really simple plugin settings??
    this is the script that my hosting company inserted

    # BEGIN WordPress

    RewriteEngine On
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

    # END WordPress

    I mean its not necesary to have checked this options? Obviously simple plugin will tell me that i have a
    warning Enable a .htaccess redirect or WordPress redirect in the settings to create a 301 redirect. But without it is working excelent. Can i dismiss that warning ?

    1. I would recommend to move the redirect script outside the WordPress comments, otherwise you risk it being overwritten when WordPress rewrites the redirect.

      It is not necessary to enable the .htaccess redirect now. This will insert the same redirect. You can leave the wp redirect enabled.

      1. Rogier thank you so much i have 2 more questions.
        1-U told me just enable the wp redirect? But it wont have 2 same actions for the same thing? The script is not already doing the redirect, then why enable the wp redirect also?

        2- Before installing wp rocket i was having the redirect chain perfectly. But today i a saw a comment that is not good to have for example
        Alahas.com.do redirects directly to
        https://www.alahas.com.do

        Its ok in the way it is?

        1. You can also disable the 301 WordPress redirect option and then dismiss the ‘no redirect enabled’ warning that Really Simple SSL shows. The .htaccess redirect rules added by your hosting provider will still redirect the site to https://.

          Redirecting to https://www directly isn’t an issue, only if you want to enable HTTP Strict Transport Security (see https://really-simple-ssl.com/hsts-http-strict-transport-security-good/). Otherwise your current setup is fine.

          Mark

          1. I would recommend to leave the redirect chain as it is, in two steps. There are no SEO benefits from removing this one redirect.

      2. Rogier whats the correct way to split this
        # BEGIN WordPress

        RewriteEngine On
        RewriteCond %{SERVER_PORT} !^443$
        RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
        RewriteBase /
        RewriteRule ^index\.php$ – [L]
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteRule . /index.php [L]

        # END WordPress

          1. Thank you so much Rogier and Mark. God bless you for all the help given to me.

            Rogier told me to split the script in my htacces the one for worspress and for ny redirect. Do you know how to split it?

  11. Hi guys i will really appreaciate an advice from you, i was diving in the internet searching about why its so slow when redirecting from non www to www and i found someone edited his really simple redirect htaccess and walah then when typing the url without anything just example.com was loading as fast as https://www.example.com.
    Please are there any future problem or its no recommended using the scrip whitch the guy edited, becuase its load really fast and i would like to use it, but i need you advise it will mess something or even SEO?

    Here is the really simple redirect as default
    # BEGIN rlrssslReallySimpleSSL rsssl_version[3.0.5]

    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

    # END rlrssslReallySimpleSSL

    and here is how the guy edited the script
    # BEGIN rlrssslReallySimpleSSL rsssl_version[3.0.5]

    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    #RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
    RewriteRule ^(.*)$ https://www.alahas.com/$1 [R=301,L]

    # END rlrssslReallySimpleSSL

    1. Hi Laura,
      It is not recommended to use a bypass for this redirect. This has to do with security considerations: if you bypass the non www domain, security headers won’t get set on the non www domain.

      If you use a 301 redirect, the redirect will only execute once for each user, and only for users which type in your domain directly in the browser. So only a small percentage of your requests will use this redirect.

      1. Thank you so much, i agree with you the only persons that will use are the ones that will write it manually as example.com. And theres nothing to do to make the redirect load a bit faster? in case no, i really thank you for you advice!!!
        Thank you so much for fast response algo <3

  12. Hello,

    I hope you are still responding to this blog. I have the situation where I have a URL, for example, https://example.com.au.

    With some of the code I have used from here the following URLS redirect to https://example.com.au being:

    example.com.au
    http://www.example.com.au
    http://www.example.com.au

    However, https://www.example.com.au always fails.

    The entire code from my .htaccess file is as follows:

    ************************************************************************

    RewriteEngine On
    RewriteRule .* – [E=noabort:1]
    RewriteRule .* – [E=noconntimeout:1]

    REDIRECT all www requests to non-www
    RewriteEngine on
    RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
    RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

    # BEGIN rlrssslReallySimpleSSL rsssl_version[3.2.5]

    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

    # END rlrssslReallySimpleSSL

    # BEGIN WordPress

    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

    # END WordPress

    ************************************************************************

    I have not had this problem with the other websites I have converted over to HTTPS enabled. I haven’t even had to modify the .htaccess file.

    What am I missing here?

    Regards,
    Diana.

      1. Here are my results with the domain of focuscctv.com.au:

        Removing REDIRECT section for FOCUS CCTV .htaccess file
        http://focuscctv.com.au -> https://focuscctv.com.au
        focuscctv.com.au -> https://focuscctv.com.au
        http://www.focuscctv.com.au -> https://www.focuscctv.com.au (fails)
        http://www.focuscctv.com.au -> https://www.focuscctv.com.au (fails)
        https://www.focuscctv.com.au -> https://www.focuscctv.com.au (fails)

        REDIRECT section back in for FOCUS CCTV .htaccess file
        http://focuscctv.com.au -> https://focuscctv.com.au
        focuscctv.com.au -> https://focuscctv.com.au
        http://www.focuscctv.com.au -> https://focuscctv.com.au
        http://www.focuscctv.com.au -> https://www.focuscctv.com.au
        https://www.focuscctv.com.au -> https://www.focuscctv.com.au (fails)

        Keeping the REDIRECT section solves most problems but if I remove it then it is worse. In both situations the https://www.focuscctv.com.au URL is always the problem. I can’t work out how to fix it.

        The error I receive is:

        ************************************************************************************
        Secure Connection Failed

        An error occurred during a connection to http://www.focuscctv.com.au. Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP

        The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

        Please contact the website owners to inform them of this problem.
        ************************************************************************************

        At the moment the REDIRECT code is better than not having it.

          1. Manage Installed SSL Websites
            FQDNs

            Certificate
            Expiration

            Document Root

            Actions

            autodiscover.focuscctv.com.au
            cpanel.focuscctv.com.au
            focuscctv.com.au
            mail.focuscctv.com.au
            webdisk.focuscctv.com.au
            webmail.focuscctv.com.au
            http://www.focuscctv.com.au

            11/3/19

            /public_html

            Uninstall Update Certificate Certificate Details Use Certificate for New Site
            Certificate ID: focuscctv_com_au_c8c92_dc0bf_1572802882_9de234ce6944d2ca32028c306a718088
            Domains:

            autodiscover.focuscctv.com.au
            cpanel.focuscctv.com.au
            focuscctv.com.au
            mail.focuscctv.com.au
            webdisk.focuscctv.com.au
            webmail.focuscctv.com.au
            http://www.focuscctv.com.au

            Issuer: Let’s Encrypt
            Key Size: 2,048 bits (c8c9221c …)
            Expiration: Nov 3, 2019 5:41:23 PM

    1. Hi,

      your site returns an ERR_SSL_VERSION_OR_CIPHER_MISMATCH error. This occurs when the server and browser cannot establish a secure connection. This can be fixed by your hosting provider. They have access to the server and can update the cipher configuration. Besides that, your certificate seems to be missing the www. domain. The http://www.focusctv.com.au should be added to the certificate as well, alongside the non-www domain.

      Mark

  13. Mark,

    I finally had success. Through some of the feedback here I was able to establish that in cPanel under the DNS Zone Editor the CNAME record for http://www.focuscctv.com.au was pointing to something other than the parent domain. Once I fixed that all the URL combinations now successfully redirect to https://focuscctv.com.au.

    This blog has been extremely useful in helping me solve the issues I have had with this one website!

    Many thanks!!

  14. Hello guys,
    I just tested my site with GT Metrix first with http://www it gives me 9 seconds loading time and than with https://mydomain.com it gives me 4 seconds loading time.
    So the problem it says that are the redirects:
    http://www.hvacsupplies.eu/
    https://www.hvacsupplies.eu/
    https://hvacsupplies.eu/

    So what should I do now? Do I need to leave as it is or I need to change the script in .htaccess? At the moment I have the following script there :

    1. # BEGIN rlrssslReallySimpleSSL rsssl_version[3.2.9]

      RewriteEngine on
      RewriteCond %{HTTP:CF-Visitor} ‘”scheme”:”http”‘
      RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
      RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

      # END rlrssslReallySimpleSSL

      1. Hi,

        the redirect on your site is indeed very slow, especially for an .htaccess redirect as it’s the fastest redirect available. The .htaccess redirect is done before WordPress is even loaded. Since this seems to be caused by a slow webserver I’d suggest to contact your hosting provider about this.

        Mark

Leave a Reply

Subscribe