WebFaction
Community site: login faq

I have what I think is a subdomain based WordPress multisite on webfaction (I set it up so long ago that I don't remember for sure). It has blogs tied to subdomains (e.g., sub1.maindomain.com, sub2.maindomain.com).

I'd like to require all traffic to go through https rather than http. But I'm having problems setting it up.

I created a multisite SSL certificate with Let's Encrypt (i.e., one covering all the subdomains) and installed it on WebFaction.

I then modified the configuration of a redirect app I set up years ago for a different WebFaction hosted site (this was back before WebFaction supported SNI). The redirect app is supposed to re-route calls to unsecured sites (e.g., http://sub1.maindomain.com) and their secured counterparts (e.g., https://sub1.maindomain.com). The redirect app is a static app with the following .htaccess file:

Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

The configuration tweak was just to add the unsecured WordPress URLs to the list of sites managed by redirect_ssl.

I switched the WordPress website in the control panel to be encrypted, using the Let's Encrypt certificate. I can then go to https://sub1.maindomain.com or https://sub2.maindomain.com and get secured access.

But if I try to go to http://sub1.maindomain.com I get a "site not set up" error. I'm not sure why that is.

In searching online I've come across references talking about configuring WordPress to force https access. Unfortunately, those reference going to a Domain Settings section which I can't find in my WordPress admin interface (I'm running the latest version of WP; maybe this got redesigned).

Another thought I had is that, since my secured sites on WebFaction were set up pre-SNI, they use the old "separate secured IP address" approach (hence the reason for the static redirect_ssl app I described). Maybe there's some conflict there. I'm willing to move to SNI, but I'm not sure how to go about that. And I don't know that it'll solve my problem.

Any advice, help, leads, etc would be appreciated.

asked 24 Sep, 17:21

MarkO's gravatar image

MarkO
113
accept rate: 100%

edited 24 Sep, 17:23


For the benefit of others, the problem turned out to be that the redirect_ssl app I had set up years ago, and was trying to apply to my WordPress app, was pointing at a different IP address (I forget why I have two different IP addresses in my account, but that was something configured a long time ago, too).

Creating a new redirect app using the correct IP address solved the problem. Kudos to the WebFaction support staff for solving this!

One other thing I learned: you also need to tweak the WordPress configuration to have it use SSL for its admin pages. Otherwise, you can't access them once you set up the https redirect.

You fix this issue by editing wp-config.php, via the command line shell, to include the following:

define( 'FORCE_SSL_ADMIN', true );
permanent link

answered 26 Sep, 17:57

MarkO's gravatar image

MarkO
113
accept rate: 100%

If you just switched the site to HTTPS and don't have an HTTP website record, then the HTTP URLs don't exist, and you'll get the "site not configured" page. It sounds like you need to create a website record with HTTPS disabled, using your subdomains and the redirect app, as described in the documentation. If that doesn't help, please open a support ticket.

permanent link

answered 24 Sep, 17:28

maryh's gravatar image

maryh ♦♦
1.3k6
accept rate: 36%

I don't understand why I'd have to create that new http website record when I have that redirect_ssl app running, which is supposed to do what it sounds like the new website record would do.

(25 Sep, 04:03) MarkO MarkO's gravatar image

I don't understand why I'd have to create that new http website record when I have that redirect_ssl app running, which is supposed to do what it sounds like the new website record would do.

A redirect app can't redirect anything if it's not attached to a site. Otherwise, it can't receive any requests to redirect.

If your redirect app is already attached to a site, then just add to that the domains that you want to redirect to HTTPS.

(25 Sep, 22:18) seanf ♦♦ seanf's gravatar image
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×238
×85
×13

question asked: 24 Sep, 17:21

question was seen: 123 times

last updated: 26 Sep, 17:57

WEBFACTION
REACH US
SUPPORT
AFFILIATE PROGRAM
LEGAL
© COPYRIGHT 2003-2016 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM