Excluding/including SSL on specific pages Redirect rules SSL certificate

Preventing subdomains or add on domains from getting forced to https

If you have several subdomains, or add-on domains, but do not use WordPress Multisite, you’ll need a way to prevent Really Simple SSL from forwarding all subdomains to https. That is, if these subdomains do not have an SSL certificate of course.

1. In settings/ssl, disable the wp redirect, and enable the .htaccess 301 redirect.

2. Go to Really simple ssl settings and check Stop editing the .htaccess file. save this setting. Alternatively you can add this line to your wp-config.php

define( 'RLRSSSL_DO_NOT_EDIT_HTACCESS' , TRUE );.

They both do the same same thing; they stop Really simple ssl from editing the your .htaccess file henceforth.

3. Now add Add the following conditions to the rewrites currently existing in your .htaccess, between the Really Simple SSL markers. Add them after the first SSL RewriteCond, but before the actual RewriteRule:

RewriteCond %{HTTP_HOST} ^domain.com [OR]
RewriteCond %{HTTP_HOST} ^www.domain.com

So your really simple ssl rule changes from this below (the exact lines can differ between different servers, this is an example)

# BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.8]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https #this line might be different on your site
RewriteRule ^(.*)$ https://%{HTTP_HOST}%/$1 [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

to this below here.

# BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.8]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTP_HOST} ^domain.com [OR]
RewriteCond %{HTTP_HOST} ^www.domain.com
RewriteRule ^(.*)$ https://%{HTTP_HOST}%/$1 [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

Where domain.com and http://www.domain.com is the domain you still want ssl on.

Note your version number may be different the one here is at the time of writing this. The first rewrite condition, which is here HTTP:X-Forwarded-Proto, may differ from site to site.

Related Articles

  • Redirect rules in Nginx

    Use the following to redirect to https on nginx. server { listen 80; server_name my-domain.com; return 301 https://$server_name$request_uri; } Share Share Share
  • Disabling ssl for one page only

    The problem: services that don’t support SSL I think the best way to go is to get your entire site on SSL. But sometimes there are services that are not...
  • How to install an SSL certificate on localhost / MAMP

    If you do development on your own machine, then deploy to production, and you have an SSL certificate on your site, it is usefull to have SSL on your localhost...
  • Manually insert .htaccess redirect http to https

    Let Really Simple SSL handle the .htaccess redirect In most cases you can let Really Simple SSL handle the .htaccess redirect. The plugin has an option which inserts the detected...

4 Comments

  • Djordje Petković

    This was great solution, how ever it stopped working for me.

    This is my code:
    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.4.3]

    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteCond %{HTTP_HOST} ^domain.com [OR]
    RewriteCond %{HTTP_HOST} ^www.domain.com
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    # END rlrssslReallySimpleSSL

    Can you help me? Stop editing the .htaccess file is checked and not changed.

    • Rogier Lankhorst

      Is it possible you accidentally visited the subdomain over SSL? In that case all you need to do is clear the browser cache, and try again.

      Your htaccess code looks good. Were there any changes on the server recently? Does the problem go away when you remove those lines altogether?

  • Alexandre Amaral

    Rogier,

    I am an expert user not a developer, recently we implemented SSL and my site calls two external partner urls that are not on https, now they are not loading anymore.
    Could you please let me know what would the code then ? you mention that the “domain.com” is the domain I want on SSL, but where Do I specify the 02 urls I want to exclude ?

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.8]

    RewriteEngine on
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteCond %{HTTP_HOST} ^domain.com [OR]
    RewriteCond %{HTTP_HOST} ^www.domain.com
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    # END rlrssslReallySimpleSSL

    • Rogier Lankhorst

      This article is about sites that are loading on the same hosting environment. If that is the case with these sites, you can limit the redirect with those .htaccess lines to one domain only. In the example, only requests from domain.com are redirected, and not from any other url.

Leave a Comment