Excluding/including SSL on specific pages Redirect rules SSL certificate

Preventing subdomains or add on domains from getting forced to https

If you have several subdomains, or add-on domains, but do not use WordPress Multisite, you’ll need a way to prevent Really Simple SSL from forwarding all subdomains to https. That is, if these subdomains do not have an SSL certificate of course.

1. In settings/ssl, disable the wp redirect, and enable the .htaccess 301 redirect.

2. Go to Really simple ssl settings and check Stop editing the .htaccess file. save this setting. Alternatively you can add this line to your wp-config.php

define( 'RLRSSSL_DO_NOT_EDIT_HTACCESS' , TRUE );.

They both do the same same thing; they stop Really simple ssl from editing the your .htaccess file henceforth.

3. Now add Add the following conditions to the rewrites currently existing in your .htaccess, between the Really Simple SSL markers. Add them after the first SSL RewriteCond, but before the actual RewriteRule:

RewriteCond %{HTTP_HOST} ^domain.com [OR]
RewriteCond %{HTTP_HOST} ^www.domain.com

So your really simple ssl rule changes from this below (the exact lines can differ between different servers, this is an example)

# BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.8]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https #this line might be different on your site
RewriteRule ^(.*)$ https://%{HTTP_HOST}%/$1 [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

to this below here.

# BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.8]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTP_HOST} ^domain.com [OR]
RewriteCond %{HTTP_HOST} ^www.domain.com
RewriteRule ^(.*)$ https://%{HTTP_HOST}%/$1 [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

Where domain.com and http://www.domain.com is the domain you still want ssl on.

Note your version number may be different the one here is at the time of writing this. The first rewrite condition, which is here HTTP:X-Forwarded-Proto, may differ from site to site.

Related Articles

  • err_SSL_VERSION_OR_CIPHER_MISMATCH

    err_SSL_VERSION_OR_CIPHER_MISMATCH This error means that the server and client (browser) are unable to establish a secure connection between them. To establish a secure connection between the server and client they...
  • Remove .htaccess redirect on site lockout

    The .htaccess is the fastest redirect, so why not enable it by default? When you enable the setting “htaccess redirect” in settings/ssl/settings, Really Simple SSL detects the most suitable redirect,...
  • SSL working on desktop, but not on mobile (android) devices

    If the SSL certificate on your site works fine on desktop but gives an error on mobile devices (specifically Android):  this certificate isn’t from a trusted authority, there is probably...
  • Website not accessible with SSL

    If you cannot access your website, but do not have redirect loop errors, your SSL certificate might be invalid. Normally Really Simple SSL checks if ssl is available, and only...

4 Comments

  • Djordje Petković

    This was great solution, how ever it stopped working for me.

    This is my code:
    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.4.3]

    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteCond %{HTTP_HOST} ^domain.com [OR]
    RewriteCond %{HTTP_HOST} ^www.domain.com
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    # END rlrssslReallySimpleSSL

    Can you help me? Stop editing the .htaccess file is checked and not changed.

    • Rogier Lankhorst

      Is it possible you accidentally visited the subdomain over SSL? In that case all you need to do is clear the browser cache, and try again.

      Your htaccess code looks good. Were there any changes on the server recently? Does the problem go away when you remove those lines altogether?

  • Alexandre Amaral

    Rogier,

    I am an expert user not a developer, recently we implemented SSL and my site calls two external partner urls that are not on https, now they are not loading anymore.
    Could you please let me know what would the code then ? you mention that the “domain.com” is the domain I want on SSL, but where Do I specify the 02 urls I want to exclude ?

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.8]

    RewriteEngine on
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteCond %{HTTP_HOST} ^domain.com [OR]
    RewriteCond %{HTTP_HOST} ^www.domain.com
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    # END rlrssslReallySimpleSSL

    • Rogier Lankhorst

      This article is about sites that are loading on the same hosting environment. If that is the case with these sites, you can limit the redirect with those .htaccess lines to one domain only. In the example, only requests from domain.com are redirected, and not from any other url.

Leave a Comment