Melody Scott
asked on
If I have SSL, should someone be able to get to the http version?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I'm going to upload my current htaccess file, maybe you can help me get it right? Thanks.
.htaccess.txt
.htaccess.txt
Refer to btan's comment.
You posted your .htaccess file + normally SSL is forced in the Apache config file. Something similar to what btan provided.
Unless you so a 301 from http -> https, both protocols will work.
This will have a negative effect on SEO, as use to Google treated http + https as same site. Now they're treated differently.
The effect is a duplicate content penalty for each page on a site, which means 100% pages with a penalty... which then promotes to a site wide duplicate penalty.
Very bad.... if you're SEOing your site.
You posted your .htaccess file + normally SSL is forced in the Apache config file. Something similar to what btan provided.
Unless you so a 301 from http -> https, both protocols will work.
This will have a negative effect on SEO, as use to Google treated http + https as same site. Now they're treated differently.
The effect is a duplicate content penalty for each page on a site, which means 100% pages with a penalty... which then promotes to a site wide duplicate penalty.
Very bad.... if you're SEOing your site.
ASKER
Sorry, Btan said: Do consider following code in your .htaccess file.
I was asking for help in doing that, which is why I uploaded it.
I was asking for help in doing that, which is why I uploaded it.
If you have an existing .htaccess file:
Do not duplicate RewriteEngine On.
Make sure the lines beginning RewriteCond and RewriteRule immediately follow the already-existing RewriteEngine On.
Do not duplicate RewriteEngine On.
Make sure the lines beginning RewriteCond and RewriteRule immediately follow the already-existing RewriteEngine On.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
found this, and have rewritten the htaccess file: https://wpcolt.com/force-ssl-htaccess-stop-wordpress-modifying/
Thanks for your help, but I would say it was a bit more technical than I needed. I needed more basic help actually rewriting the htaccess file, because I don't understand the code. Anyway, done now.
Thanks for your help, but I would say it was a bit more technical than I needed. I needed more basic help actually rewriting the htaccess file, because I don't understand the code. Anyway, done now.
https - port 443 TCP
In order to prevent, which is recommended, from your users to connect over http, the above btan's recommendation should be performed.
On a different web servers this is performed in a different manner.
In some cases, if can performed on the perimeter device, depends how smart it is.