The MU forums have moved to WordPress.org

SSL not to www, but to subdomain SSL (10 posts)

  1. r-a-y
    Member
    Posted 14 years ago #

    Need some help regarding SSL and WPMU.

    I just tried using FORCE_SSL_ADMIN and FORCE_SSL_LOGIN in wp-config.php, but this forces SSL to https://www, instead of our secure subdomain - https://secure.

    Going to any URL in the secure subdomain redirects to hxxp://www.example.com.

    So I'm guessing it's a RewriteRule issue.

    Any idea what I have to do to change this?

    ---

    I should note that we're using subdirectory setup for WPMU.

  2. r-a-y
    Member
    Posted 14 years ago #

    Okay, I'm quite sure now that NOBLOGREDIRECT is causing the redirect back to www because secure.example.com is not an actual blog.

    Still looking for a fix.

  3. webhostuk
    Member
    Posted 14 years ago #

    can you paste you rewrite rules as its seems to be some problem at that end I guess.

  4. r-a-y
    Member
    Posted 14 years ago #

    Options +FollowSymLinks -Indexes
    RewriteEngine On
    RewriteBase /

    #Redirect non-www to www except for Windows Live Writer requests
    RewriteCond %{HTTP_HOST} ^example.com
    #RewriteCond %{HTTP_USER_AGENT} !.*writer* [NC]
    RewriteCond %{REQUEST_URI} !xmlrpc.php$
    RewriteCond %{REQUEST_URI} !wlwmanifest.xml$
    RewriteRule (.*) hxxp://www.example.com/$1 [R=301,L]

    # BEGIN ANTISPAMBLOG REGISTRATION
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} .register*
    RewriteCond %{HTTP_REFERER} !.*example.com* [OR]
    RewriteCond %{HTTP_USER_AGENT} ^$
    RewriteRule (.*) hxxp://www.example.com/ [R=301,L]
    # END ANTISPAMBLOG REGISTRATION

    #download monitor
    RewriteRule ^downloads/(.*) wp-content/plugins/download-monitor/download.php?id=$1 [L]

    #uploaded files
    RewriteRule ^(.*/)?files/$ index.php [L]
    RewriteCond %{REQUEST_URI} !.*wp-content/plugins.*
    RewriteRule ^(.*/)?files/(.*) wp-content/blogs.php?file=$2 [L]

    # add a trailing slash to /wp-admin
    RewriteCond %{REQUEST_URI} ^.*/wp-admin$
    RewriteRule ^(.+)$ $1/ [R=301,L]

    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule . - [L]
    RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-.*) $2 [L]
    RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
    RewriteRule . index.php [L]

    <IfModule mod_security.c>
    <Files async-upload.php>
    SecFilterEngine Off
    SecFilterScanPOST Off
    </Files>
    </IfModule>

  5. r-a-y
    Member
    Posted 14 years ago #

    Okay correction.

    The SSL certificate is setup as a virtualhost and not a subdomain.
    Looking into how WPMU handles virtualhosts.

  6. Jason_JM
    Member
    Posted 14 years ago #

    Do you have dns entries for the subdomains?

    Also, what does the <form> code look like when you do a view source?
    Specifically, the action and hidden fields and values.

  7. r-a-y
    Member
    Posted 14 years ago #

    Hey Jason,

    I'm using a subdirectory setup for WPMU.

    If I go to hxxps://www.example.com/wp-login.php

    I see hxxps://www.example.com values for the form action and input hidden values, which is good, but our SSL certificate is for hxxps://secure.example.com; so that's a big no-no!

    Going to hxxps://secure.example.com/wp-login.php redirects me to hxxp://www.example.com.

    So what I need to figure out is how to get WPMU to use hxxps://secure.example.com instead of hxxps://www.example.com.

    It's either an issue with how we configured the virtual host or it's a WPMU thing.

  8. Jason_JM
    Member
    Posted 14 years ago #

    Make sure your conf file is similar:

    ...
        Port 80
        ServerName http://www.domain.tld
        DocumentRoot /www/domain
    
        NameVirtualHost 111.22.33.55
    
        <VirtualHost 111.22.33.55>
        DocumentRoot /www/otherdomain
        ServerName http://www.otherdomain.tld
        ...
        </VirtualHost>
    
        <VirtualHost 111.22.33.55>
        DocumentRoot /www/subdomain
        ServerName http://www.sub.domain.tld
        ServerAlias *.sub.domain.tld
        ...
        </VirtualHost>
  9. r-a-y
    Member
    Posted 14 years ago #

    Our conf file looks like this:

    NameVirtualHost *:80
    NameVirtualHost *:443

    <VirtualHost *:80>
    ServerName http://www.example.com
    ServerAlias example.com http://www.example.com secure.example.com
    DocumentRoot /var/www/example.com

    ServerAdmin admin@example.com

    <Directory />
    Options Indexes FollowSymLinks
    AllowOverride None
    </Directory>

    <Directory /var/www/example.com>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
    </Directory>

    ErrorLog /var/log/apache2/example_error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel error

    CustomLog /var/log/apache2/example_access.log combined
    ServerSignature On

    </VirtualHost>

    <VirtualHost *:443>
    ServerName secure.example.com
    ServerAlias secure.example.com
    DocumentRoot /var/www/example.com

    ServerAdmin admin@example.com

    <Directory />
    Options Indexes FollowSymLinks
    AllowOverride None
    </Directory>

    <Directory /var/www/example.com>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
    </Directory>

    ErrorLog /var/log/apache2/secure-example_error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel error

    CustomLog /var/log/apache2/secure-example_access.log combined
    ServerSignature On

    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/secure.example.com.crt
    SSLCertificateKeyFile /etc/apache2/ssl/secure.example.com.key
    SSLCertificateChainFile /etc/apache2/ssl/gd_bundle.crt

    </VirtualHost>

    If anyone spots any problems, please let me know.

  10. Jason_JM
    Member
    Posted 14 years ago #

    Is your site live? Or are you able to provide a URL for test? You can send me a msg. There are a couple things I'd like to see. I'm a visual kind of person :-P

About this Topic