Learn about Centmin Mod LEMP Stack today
Register Now

Wordpress Force non WWW and other URL combinations to HTTPS WWW - Wordpress

Discussion in 'Blogs & CMS usage' started by quicksalad, Apr 7, 2022.

  1. quicksalad

    quicksalad Member

    192
    11
    18
    May 31, 2015
    Ratings:
    +17
    Local Time:
    9:48 AM
    • Server (DigitalOcean)
    • I'm using LetsEncrypt with Cloudflare (Full) other CF settings untouched.
    I only have 3 config files (conf.d) folder:
    Code:
    mydomain.com.ssl.conf
    virtual.conf
    demodomain.com.conf
    I'm trying to force any URL combinations redirect to
    Code:
    https://www.mydomain.com
    When I
    Code:
    curl -I https://www.mydomain.com
    I get these results:
    Code:
    HTTP/1.1 301 Moved Permanently
    Date: Sun, 15 Oct 2099 02:04:25 GMT
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    Location: https://mydomain.com/
    Following the method Nginx Vhost & NSD DNS Setup - CentminMod.com LEMP Nginx web stack for CentOS


    Wordpress Admin Dashboard has URL settings:
    Code:
    WordPress Address (URL) https://mydomain.com
    Site Address (URL) https://mydomain.com
    That seems the trigger for too many redirects error (I'm not sure though). If I want to force any URL combinations redirect to
    Code:
    https://www.mydomain.com
    should I change the URL in Wordpress settings below?
    Code:
    WordPress Address (URL) https://mydomain.com
    Site Address (URL) https://mydomain.com (do I need to change to https://www?)
    What will happen if access the admin dashboard when I change above URL given my setup with LetsEncrypt and Cloudflare (Full)?
    Hope someone can enlighten me about this one. Thanks
     
  2. eva2000

    eva2000 Administrator Staff Member

    49,585
    11,378
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,682
    Local Time:
    2:18 PM
    Nginx 1.21.x
    MariaDB 10.x
    Whatever you want to be the final/main URL for Wordpress, you need to set that in WP admin settings URL first and then work around that for redirects. Using Cloudflare best to just remove the Nginx 302/301 non-http to https redirect from domain.com.ssl.conf Nginx vhost if it exists and backup+remove non-https domain.com.conf vhost file and then at Cloudflare level set either a Page rule to redirect non-www to www and set Always use HTTPS option or page rule. Then you can set CF to Full SSL.
     
  3. quicksalad

    quicksalad Member

    192
    11
    18
    May 31, 2015
    Ratings:
    +17
    Local Time:
    9:48 AM
    @eva2000 This solve my problem! ☕
    started exploring centmin way back 2015 and abandoned my started forums and wordpress due to fatherhood , everything back to zero .

    Here's my mydomain.ssl.conf for reference:
    Code:
    #x# HTTPS-DEFAULT
    # server { 
    #   server_name mydomain.com www.mydomain.com;
    #   return 302 https://www.mydomain.com$request_uri;
    #   root /home/nginx/domains/mydomain.com/public;
    #   include /usr/local/nginx/conf/staticfiles.conf;
    # }
    server {
      listen 443 ssl http2;
      server_name mydomain.com;
      return 302 https://www.mydomain.com$request_uri;
      include /usr/local/nginx/conf/ssl/mydomain.com/mydomain.com.crt.key.conf;
      include /usr/local/nginx/conf/ssl_include.conf;
    }
    server {
      listen 443 ssl http2 reuseport;
      server_name www.mydomain.com;
    
      include /usr/local/nginx/conf/ssl/mydomain.com/mydomain.com.crt.key.conf;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      # cloudflare authenticated origin pull cert community.centminmod.com/threads/13847/
      #ssl_client_certificate /usr/local/nginx/conf/ssl/cloudflare/mydomain.com/origin.crt;
      #ssl_verify_client on;
    Hope I did right, it's working on my side. redirects to www https.
     
  4. eva2000

    eva2000 Administrator Staff Member

    49,585
    11,378
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,682
    Local Time:
    2:18 PM
    Nginx 1.21.x
    MariaDB 10.x
    Looks good. You can go one further and do non-www to www redirect via CF Page Rule and comment out the 302 redirect server{} context in Nginx vhost
     
  5. quicksalad

    quicksalad Member

    192
    11
    18
    May 31, 2015
    Ratings:
    +17
    Local Time:
    9:48 AM
    Done thanks again!
    BTW, why I cannot access this URL's
    Code:
    hostname/memcache_cadfsd9i73429.php
    hostname/acdfjsdfjs745924lds_opcache.php
    hostname.mydomain.com/8X32_mysqladmin76892
    I get ERR_TOO_MANY_REDIRECTS errors access in Chrome

    But accessing via form 123.X.X.X/memcache_cadfsd9i73429.php works fine. Is that normal or I messed up some configs?
    Code:
    uname -n
    hostname.mydomain.com
    virtual.conf
    Code:
    server {
                listen 80 default_server backlog=16383 reuseport;
                server_name hostnameonly; 
                root   html;
    
            access_log              /var/log/nginx/localhost.access.log     combined buffer=256k flush=5m;
            error_log               /var/log/nginx/localhost.error.log      error;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
    # limit_conn limit_per_ip 16;
    # ssi  on;
    
            location /nginx_status {
            stub_status on;
            access_log   off;
            allow 127.0.0.1;
            #allow youripaddress;
            deny all;
            }
    
                location / {
    
    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;
    
    #Enables directory listings when index file not found
    #autoindex  on;
    
    #Shows file listing times as local time
    #autoindex_localtime on;
    
    # Wordpress Permalinks example
    #try_files \$uri \$uri/ /index.php?q=\$uri&\$args;
                
                }
    
    include /usr/local/nginx/conf/php.conf;
    include /usr/local/nginx/conf/phpmyadmin.conf;
    include /usr/local/nginx/conf/staticfiles.conf;
    include /usr/local/nginx/conf/include_opcache.conf;
    
    include /usr/local/nginx/conf/phpstatus.conf;
    include /usr/local/nginx/conf/drop.conf;
    #include /usr/local/nginx/conf/errorpage.conf;
    #include /usr/local/nginx/conf/vts_mainserver.conf;
    
           }
    etc/hosts
    Code:
    # Your system has configured 'manage_etc_hosts' as True.
    # As a result, if you wish for changes to this file to persist
    # then you will need to either
    # a.) make changes to the master file in /etc/cloud/templates/hosts.redhat.tmpl
    # b.) change or remove the value of 'manage_etc_hosts' in
    #     /etc/cloud/cloud.cfg or cloud-config from user-data
    #
    # The following lines are desirable for IPv4 capable hosts
    123.X.X.X hostname.mydomain.com hostname
    127.0.0.1 localhost.localdomain localhost
    127.0.0.1 localhost4.localdomain4 localhost4
    
    # The following lines are desirable for IPv6 capable hosts
    ::1 hostname hostname
    ::1 localhost.localdomain localhost
    ::1 localhost6.localdomain6 localhost6
    Any advise and tip helps. Thanks
     
  6. eva2000

    eva2000 Administrator Staff Member

    49,585
    11,378
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,682
    Local Time:
    2:18 PM
    Nginx 1.21.x
    MariaDB 10.x
    Those urls have their own special non-https to https redirect in Nginx main hostname vhost so if you set Always Use HTTPS at global domain level, they'd do a redirect loop. You can setup Page Rules to disable Always Use HTTPS for those specific paths or the specific main hostname.
     
  7. quicksalad

    quicksalad Member

    192
    11
    18
    May 31, 2015
    Ratings:
    +17
    Local Time:
    9:48 AM
    Just wow, thank you. As always problem solved! I disable the Always Use HTTPS and created 2 page rules 1 with always use https and the 2nd is forward url 301. Hope I did it right
     
  8. quicksalad

    quicksalad Member

    192
    11
    18
    May 31, 2015
    Ratings:
    +17
    Local Time:
    9:48 AM
    @eva2000
    After enabling Full strict I am not able to access this phpymyadmin URL,
    Code:
    hostname.mydomain.com/8X32_mysqladmin76892
    the generated password is not working.
    I did a reset but still the newly generated doesn't work. I even did a uninstall and reinstall with phpmyadmin using Addon phpmyadmin.sh - CentminMod.com LEMP Nginx web stack for CentOS but still the generated password will not work during httppassword login prompt.
    While accessing these URLs below works fine.
    Code:
    hostname.mydomain.com/memcache_cadfsd9i73429.php
    hostname.mydomain.com/acdfjsdfjs745924lds_opcache.php
    
    Could it be a redirect on Cloudflare? I enable the Always Use HTTPS but 2 URLs above are working while phpmyadmin doesnt accept the generated password. Could it be phpmyadmin conf related files? I didn't touch anything as they are auto generated.
    I notice I have these files phpmyadmin_https.conf and phpmyadmin.conf and virtual conf include the phpmyadmin.conf
    Code:
    location ^~ /8X32_mysqladmin76892/ {
        rewrite ^/(.*) https://hostname.mydomain.com/$1 permanent;
    }
    While phpmyadmin_https.conf contains
    Code:
    location ^~ /8X32_mysqladmin76892/ {
        #try_files $uri $uri/ /8X32_mysqladmin76892/index.php?$args;
        include /usr/local/nginx/conf/php_8X32_mysqladmin76892.conf;
    
        auth_basic      "Private Access";
        auth_basic_user_file  /usr/local/nginx/conf/htpassphpmyadmin;
        allow 127.0.0.1;
        #allow 170.1.11.21;
        #deny all;
    }
     
  9. eva2000

    eva2000 Administrator Staff Member

    49,585
    11,378
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,682
    Local Time:
    2:18 PM
    Nginx 1.21.x
    MariaDB 10.x
    That's because phpmyadmin.sh creates a self-signed browser untrusted SSL certificate on Nginx end and Cloudflare Full Strict needs browser trusted SSL on Nginx end. You can create a Page rule just for phpmyadmin URL and change from Cloudflare FULL Strict to just Full (non-strict) SSL mode.