Redirect rules

Manually insert .htaccess redirect http to https

.htaccess redirect inserted by Really Simple SSL

Really Simple SSL has an option which inserts the detected .htaccess redirect rules. There are several server configurations, which each require their own .htaccess redirect. The plugin tries to detect which rule applies, and then tests the result. In some cases the test fails, or the .htaccess was not writable. In that case, you’ll have to insert the .htaccess redirect yourself. I would always recommend to redirect with .htaccess, as this is a slightly faster redirect than the default interal 301 redirect.

Enable “stop editing htaccess”

If the plugin can’t test the .htaccess redirect rule, it writes an empty set of rules to the .htaccess when you load the settings page. To prevent overwriting your manually added .htaccess, enable this setting.

SSL test page

If you go to https://www.yourdomain.com/wp-content/plugins/really-simple-ssl/ssl-test-page.php (use https, not http), you will see a page with some test results. This will look something like this:

This page is used purely to test for ssl availability.

#SERVER-HTTPS-ON# (on)
#SERVERPORT443#

#SUCCESFULLY DETECTED SSL#

In this case, you can see ssl is functioning, and the server variable server[“https”]=on.

Depending on this output, you should add a corresponding redirect rule to your .htaccess file

  • If this page is not working for your for some reason, you’ll have to find out by trial and error.
  • If this page shows “successfully detected SSL”, but you do not see any detected variables, no server configuration I know about  was found, so none of the below may apply. You’ll just have to try.
  • If you find another redirect rule which works for you, please let me know so I can improve the plugin and this documentation.

Where do I find the .htaccess file?

Open your FTP client (filezilla, or any other), go to your webroot (where you can see the WordPress files like wp-admin, wp-content), and look for the .htaccess file. Be sure to check that your ftp client shows hidden files as well.

What codesnippet do I need to add?

Add every codesnippet above the WordPress .htaccess lines. If Really Simple SSL added any rules which caused a redirect loop, remove them and set the Really Simple SSL settings to “stop editing the .htaccess file”.

If you see #SERVER-HTTPS-ON# (on), add
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
If you see  #SERVER-HTTPS-ON# (1), add
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=1
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>

If you see #SERVERPORT443#, add
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>

If you see #LOADBALANCER#, add
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>

If you see #CDN#, add
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-SSL} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>

If you see #Cloudflare#, add

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:CF-Visitor} ‘”scheme”:”http”‘
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>

If you see #ENVHTTPS#, add
<IfModule mod_rewrite.c>
RewriteEngine on   RewriteCond %{ENV:HTTPS} !=on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>

On the bottom of the ssl test page, you will see HTTP HOST. This should be the same as your domain. If not, you might need to hardcode your domain to prevent redirect issues, like this:

RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://domain.com/$1 [R=301,L]

Related Articles

21 Comments

  • Jonas Magnusson

    Hi,

    I’ve followed all the troubleshooting steps I can find when trying to solve the “Https redirect was set in javascript because the htaccess redirect rule could not be verified. Set manually if you want to redirect in .htaccess.”-issue.

    I’ve got the following diagnosis:
    #SERVER-HTTPS-ON# (on)
    #LOADBALANCER#

    #SUCCESFULLY DETECTED SSL#

    I tried adding this to my htaccess file without success (permission is 0644):

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.13]

    RewriteEngine on
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    # END rlrssslReallySimpleSSL

    Please advice.

    • Rogier Lankhorst

      Did you enable “stop editing the htaccess file” in the settings?
      You entered those lines, but the message still appears?

      • Jonas Magnusson

        Still got the WP error message which might have tricked me, but configuration now says “Editing of .htaccess is blocked in Really Simple ssl settings, so you’re in control of the .htaccess file.” so guess thats correct.
        Thanks!

  • Majd Taliaa

    Hi, First i want to thank you for a great Plugin.
    Now i have an issue with www and non-www

    My site works fine in www. But when somebody visits my site http://mydomain he gets forwarded to https://mydomain. But i need him to be forwarded to https://www.mydomain

    Can you please help as it worked and still works fine when deactivating the plugin.

  • Leon Mallett

    Hi Rogier – I’m having some challenges getting htaccess redirect setup. SSL is working fine, and at the moment your plugin is using Javascript redirect successfully. However your plugin didn’t write code to the htaccess file, it only wrote this:

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.14]
    # END rlrssslReallySimpleSSL

    I’ve tried manually editing the htaccess file (after switching off the htaccess edit option in your plugin). I’ve also run your test page, and this is the result from the test page:

    #SERVER-HTTPS-ON# (on)
    #SUCCESFULLY DETECTED SSL#

    However, the code you advise to add to htaccess when this is the case does not work for me. It creates a connection error, and I have to revert the code by FTP to be able to access the site again.

    Furthermore – I’ve tried every single version of the code you’ve entered above in htaccess, and none of them work.

    Any ideas? My site is http://www.tidestream.net

    Thanks,

    Leon

    • Rogier Lankhorst

      You could try to hardcode your domain in the htaccess:
      RewriteRule ^(.*)$ https://www.tidestream.net%{REQUEST_URI} [R=301,L]
      Just in case your server has trouble with the default one.

  • Quentin

    Hello Rogier,

    Thank you for the great plugin.
    Im considering getting the premium version, but before i do have a question:

    I did follow your steps, in my case i added :

    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    I still have the alert message (i did try with and without the cache plugin i’m using, clearing it, etc.)

    I did check “stop editing the htaccess file”, the message is still there (i also still have the other alert icon but have ““Editing of .htaccess is blocked in Really Simple ssl settings, so you’re in control of the .htaccess file” now).

    I followed your others posts tips, and everything looks ok.
    But as it is a very important part for my website (seo is decisive), i just wanted to be sure that i didnt miss something.

    Thank you for your help.

    • Rogier Lankhorst

      Hi Quentin,

      Your .htaccess looks good. The plugin looks for the rewriterule line, which is the same in all cases, I can’t say why it doesn’t pick it up. I’d have to see the debug log first. You can mail it to me as well, (you can use the contact form in the menu).

      To check if you have a correct 301 redirect, you can also use a redirect checker, like this one: http://www.redirect-checker.org/ If it’s 301, you’re good.

      • Quentin

        Thank you Rogier for your fast answer.

        I sent you the mail through the contact page.

        Cheers,

        Quentin

  • shashi

    Hey
    It says me this 🙁 .
    can you pls tell me what is the reason behind it?

    ————————————————
    SSL test page

    This page is used purely to test for ssl availability.

    #NO KNOWN SSL CONFIGURATION DETECTED#

    HTTP_HOST: http://www.ultimahub.cn
    REQUEST_URI: /wp-content/plugins/really-simple-ssl/ssl-test-page.php

    • Rogier Lankhorst

      You need to load the page over https, otherwise not SSL is used.

  • Trond-Arle

    Hey, Rogier!
    I’m having issues getting this to work.
    This is my test page:
    #LOADBALANCER#

    #SUCCESFULLY DETECTED SSL#

    HTTP_HOST: http://www.trondsworld.com
    REQUEST_URI: /wp-content/plugins/really-simple-ssl/ssl-test-page.php

    So I added the following to my .htaccess file:

    RewriteEngine on
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    I also added the hardcore for my domain just to try.
    I have ticked off the “stop editing” box.
    I’m not sure if I might be editing the .htaccess file wrongly.
    Appreciate any help
    Thanks 🙂

    • Rogier Lankhorst

      I’ve checked your site with a redirect checker, and you have a 301 redirect to the https version of your site, so it seems to be working.

      • Trond Arle

        Oh, that’s odd, but ok, I’ll take that 🙂 Thank you so much for getting back to me so quickly and checking that out for me! Really appreciated!

        -Trond

  • Jen

    Hi Rogier

    If my test page shows multiple results (see below), do I need to add all 3 rules to my htaccess? The plugin only inserts the Loadbalancer rule. Thanks / Jen

    #SERVER-HTTPS-ON# (on)
    #SERVERPORT443#
    #LOADBALANCER#

    #SUCCESFULLY DETECTED SSL#

    • Mark Wolters

      Hi Jen,

      normally the loadbalancer rule should be enough. However, if that not works you can try adding the other rules to see if that makes a difference. Please let me know if it works for you!

      Mark

      • Jen

        Thanks Mark – when I activated the plugin it enabled WordPress 301 redirects (our site runs through cloudlare). Should I also enable htaccss redirects or just leave WordPress 301?

        • Mark Wolters

          Htaccess is preferred, because the .htaccess file loads before WordPress the htaccess redirects are a bit faster. If you experience any issues with the .htaccess redirect you can use the WordPress 301.

          Mark

  • Roger Rosenterter

    Help please… I have the premium version and ran the scan… All OK Activated, and now cannot see any images on the site: https://www.ausgrills.com.au

    I host on servage.net

    The plugin did not make any changes to my .htaccess file and it is currently as follows:
    ——————-
    # Set SSL
    SetEnvIf SSL on HTTPS=on

    # BEGIN WordPress

    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

    # END WordPress

    # SET MEMORY
    php_value memory_limit 512M

    # SET EXECUTION TIME
    php_value max_execution_time 0
    ————————-

Leave a Comment