Solved

How can I force a wordpress site to not use SSL?

Posted on 2015-01-14
11
94 Views
Last Modified: 2015-02-18
Hey all, I have a wordpress site whose functionality breaks when using https. Is there any way to force http instead of https? Our main purpose is so that search engines and our AdWords ads redirect to the functional site.
Also, our current htaccess file currently has 177 lines, and I was wondering if it could be optimized in any way? You can find it here.

Thanks!
0
Comment
Question by:Harrison Walker
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40550376
You could start by removing the duplicates. This appears to be in there 5 times.
<IfModule mod_rewrite.c>
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

Open in new window

0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40550383
And the MIME types are probably unnecessary because most servers already support those.  I would remove that section and see if there are any problems.  Make a backup first.

For what it's worth, this is the entire .htaccess file for one of my busier sites.  It does not have Wordpress on it.
ErrorDocument 404 /404error.htm

AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript

Open in new window

0
 
LVL 14

Expert Comment

by:Edwin Hoffer
ID: 40550518
Use this code in your .htaccess file:

RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.domain\.com$
RewriteRule ^(.*)$ http://www.domain.com/$1 [R=301,L]

Open in new window


Change domain.com to your domain name.

Hope it will help you.

Thanks
Edwin
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 

Author Comment

by:Harrison Walker
ID: 40551337
So I used the following:

RewriteCond %{HTTP_HOST} !^www\.realestateschoolchicago\.com$
RewriteRule ^(.*)$ http://realestateschoolchicago.com/ [R=301,L]

It seems to work in Chrome, but in IE, I get a "Page cannot be displayed" - for my test, I'm going to Google and searching for "chicago real estate school", then clicking on the link, which is an HTTPS link.  Any idea why this wouldn't work in IE?  Thanks!
0
 
LVL 14

Expert Comment

by:Edwin Hoffer
ID: 40551399
clear your catch and try again.
0
 

Author Comment

by:Harrison Walker
ID: 40551419
Actually, I just realized that I need to do the opposite of what I've been doing - Google has indexed ALL of the pages of our site as HTTPS, so we need to switch all pages to HTTP, *EXCEPT* for those in our shopping cart subdirectory (/xcart).  I believe that there's an .htaccess file specific to our shopping cart, but wouldn't it get overruled by the site-wide .htaccess?  Thanks again for ANY help y'all can provide!
0
 

Author Comment

by:Harrison Walker
ID: 40551428
Edwin - I actually had our hosting company test it on a fresh machine, and they verified that it's an issue for them as well.  I was asking them whether there's something unique to their environment, and they assured me t at there isn't.  Thanks!
0
 
LVL 14

Expert Comment

by:Edwin Hoffer
ID: 40551591
When Google will re-crawl your website, the URL will automatically get changed, you should not worry about this.
0
 

Author Comment

by:Harrison Walker
ID: 40552384
Edwin - we currently receive a redirect loop in all browsers when implementing this code. Any ideas?
0
 
LVL 14

Expert Comment

by:Edwin Hoffer
ID: 40552787
Try to clear the cache or use incognito browser.
0
 
LVL 70

Accepted Solution

by:
Jason C. Levine earned 500 total points
ID: 40552917
If you are seeing an infinite loop, something in your site is attempting to switch over to https and then it meets Edwin's rules and tries to go back to http and thus the loop starts.

I see what you want to do but if you are involved with taking money in any way, this sentence:

Hey all, I have a wordpress site whose functionality breaks when using https

Indicates that instead of working around the issue, you need to fix whatever it is that is breaking.  You would be far better off running your site completely under https (Google even rewards this in its algorithm) than figuring out how to kludge past it.  May I suggest trying this plugin:

https://wordpress.org/plugins/wordpress-https/

and seeing if it helps the issue or not?

Also, our current htaccess file currently has 177 lines, and I was wondering if it could be optimized in any way?

Probably should open a different thread for this question.  Dave's advice is solid (remove dupes, remove the mime stuff unless you absolutely need it).

From a WordPress-specific view, the WP Super Cache stuff is untouchable and probably the bulk of the file.

I'm also not a huge fan of the Perishable Press stuff as most of it is quite old and outdated now.  The list of bots is seriously out of date and doesn't do a darn thing against modern automated WordPress attacks. You could probably remove most of the stuff you found there and not suffer for it. You would be much better off installing BruteProtect and/or WordFence and letting it handle malicious access attempts.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will the learn the benefit of plain text editors and code an HTML5 based template for use in further tutorials.
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question