Excluding/including SSL on specific pages Redirect rules SSL certificate

Preventing subdomains or add on domains from getting forced to https

If you have several subdomains, or add-on domains, but do not use WordPress Multisite, you’ll need a way to prevent Really Simple SSL from forwarding all subdomains to https. That is, if these subdomains do not have an SSL certificate of course.

1. In settings/ssl, disable the wp redirect, and enable the .htaccess 301 redirect.

2. Go to Really simple ssl settings and check Stop editing the .htaccess file. save this setting. Alternatively you can add this line to your wp-config.php

define( 'RLRSSSL_DO_NOT_EDIT_HTACCESS' , TRUE );.

They both do the same same thing; they stop Really simple ssl from editing the your .htaccess file henceforth.

3. Now add Add the following conditions to the rewrites currently existing in your .htaccess, between the Really Simple SSL markers. Add them after the first SSL RewriteCond, but before the actual RewriteRule:

RewriteCond %{HTTP_HOST} ^domain.com [OR]
RewriteCond %{HTTP_HOST} ^www.domain.com

So your really simple ssl rule changes from this below (the exact lines can differ between different servers, this is an example)

# BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.8]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https #this line might be different on your site
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

to this below here.

# BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.8]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTP_HOST} ^domain.com [OR]
RewriteCond %{HTTP_HOST} ^www.domain.com
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

Where domain.com and http://www.domain.com is the domain you still want ssl on.

Note your version number may be different the one here is at the time of writing this. The first rewrite condition, which is here HTTP:X-Forwarded-Proto, may differ from site to site.

Related Articles

  • 404 pages on your WordPress site when migrating to SSL

    Sometimes users have the issue that all pages get 404 errors when Really Simple SSL is activated. The cause is different from user to user and from server to server....
  • err_ssl_protocol_error

    err_ssl_protocol_error The err_ssl_protocol_error is usually caused by a failure to securely communicate with the server and often has to do with the server configuration. For any SSL related error there...
  • Avoid landing page redirects, redirecting www to non www or vice versa

    Google encourages to “avoid landing page redirects”. But in case of SSL, this recommendation may conflict with SSL best practices. At the same time, 1 or 2 redirects, as long...
  • Redirect to https not working

    After you enable Really Simple SSL, by default a PHP redirect is activated, which is called wp 301 redirect in the plugin. If you notice your site can still be...

4 Comments

  • Djordje Petković

    This was great solution, how ever it stopped working for me.

    This is my code:
    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.4.3]

    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteCond %{HTTP_HOST} ^domain.com [OR]
    RewriteCond %{HTTP_HOST} ^www.domain.com
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    # END rlrssslReallySimpleSSL

    Can you help me? Stop editing the .htaccess file is checked and not changed.

    • Rogier Lankhorst

      Is it possible you accidentally visited the subdomain over SSL? In that case all you need to do is clear the browser cache, and try again.

      Your htaccess code looks good. Were there any changes on the server recently? Does the problem go away when you remove those lines altogether?

  • Alexandre Amaral

    Rogier,

    I am an expert user not a developer, recently we implemented SSL and my site calls two external partner urls that are not on https, now they are not loading anymore.
    Could you please let me know what would the code then ? you mention that the “domain.com” is the domain I want on SSL, but where Do I specify the 02 urls I want to exclude ?

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.8]

    RewriteEngine on
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteCond %{HTTP_HOST} ^domain.com [OR]
    RewriteCond %{HTTP_HOST} ^www.domain.com
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    # END rlrssslReallySimpleSSL

    • Rogier Lankhorst

      This article is about sites that are loading on the same hosting environment. If that is the case with these sites, you can limit the redirect with those .htaccess lines to one domain only. In the example, only requests from domain.com are redirected, and not from any other url.

Leave a Comment