Tag: .htaccess

Recommended .htaccess redirect option

If you didn’t enable the .htaccess redirect in your site, you may see a new plus one, with a notice in your dashboard (since version 3.2): “WordPress 301 redirect enabled. We recommend to enable the .htaccess redirect option on your specific setup.” What is a 301 redirect? After activating SSL, we want to redirect everyone who attempts to visit http URLs to https. A 301 redirect indicates that the page has been permanently moved to another URL, in this

Leon Wimmenhoeve June 15, 2019

htaccess redirect to https may cause redirect to 401.shtml when using password protection

When using the .htaccess for password protection in combination with the .htaccess 301 redirect to https in Really Simple SSL, a redirect to https://domain.com/401.shtml might occur. A simple solution that has been reported to work is to add ErrorDocument 401 default To the top of your .htaccess, so the end result looks like this (the error document should come before the password lines): # Error Document ErrorDocument 401 default #password protection AuthType Basic AuthName “YOUR AUTH NAME” AuthUserFile “/path/to/file” require

Leon Wimmenhoeve March 2, 2018

AutoSSL Let’s Encrypt plugin cannot verify domain because of .htaccess 301 redirect

I recently came across an issue where the AutoSSL let’s encrypt plugin can’t verify the domain. Strange though it may seem, this tool needs to access the website over http to renew the SSL certificate. A solution can be to disable the .htaccess redirect, renew, then enable again, but this is not a very elegant solution of course. A better solution is to uninstall the AutoSSL plugin and let Really Simple SSL handle the Lets Encrypt certificate proces. If

Leon Wimmenhoeve October 10, 2017

Remove .htaccess redirect on site lockout

The .htaccess is the fastest redirect, so why not enable it by default? When you enable the setting “301 .htaccess redirect” under SSL & Security -> “Settings” in the top menu bar -> SSL, Really Simple SSL will detect the most suitable redirect and then opens a test page to verify if this option won’t result in redirect loops. Even so, the detected redirect could cause a loop: there are a lot of server configurations, and some respond unexpectedly to

Leon Wimmenhoeve February 26, 2017

Manually insert .htaccess redirect http to https

Let Really Simple SSL handle the .htaccess redirect In most cases, you can let Really Simple SSL handle the .htaccess redirect. The plugin has an option that inserts the detected .htaccess redirect rules. To select it, log in to your WordPress admin, and navigate to: Settings / SSL / settings There you will find the option “Enable .htaccess 301 redirect”. If you enable it, Really Simple SSL will detect the best .htaccess redirect for your situation. Please note that in

Leon Wimmenhoeve February 16, 2016

Recent

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 Not Found errors detected on your homepage

Protecting site visitors with Security Headers

Hardening your website’s security

Why WordPress is (in)secure

Staying ahead of vulnerabilities

Our journey towards Really Simple Security

Categories

Most popular