Tag: .htaccess

  • Switching WordPress to https only

    Switching WordPress to https only

    As you might have seen I’ve switched this site to https only. The steps involved in switching WordPress to https only are pretty simple.

    Set Site URL

    First, make sure to set the proper https site URLs. You find these options under Settings » General: Wordpress set site URL to https

    Redirect non-https traffic

    Second, make sure to redirect all non-https requests to https-only in your .htaccess file. In the example below I’ve included an automatic redirect to the www subdomain for the SSL certificate. You can safely ignore this step in case you have a different setup:

     
    RewriteEngine On
    RewriteBase /
    
    RewriteCond %{HTTP_HOST} !^www.
    RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    
    RewriteRule ^index.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    
    

    Update media URLs

    Afterwards, you (probably) need to update the URLs of your referenced media files in your blog posts/pages. Do so by issuing the following command (of course replace with your proper domain):

    UPDATE wp_posts SET post_content = 
    replace(post_content, 'http://www.YOUR-DOMAIN.com', 'https://www.YOUR-DOMAIN.com');
    

    Update template and plugins

    Finally, you need to make sure that your theme and respective plugins do not statically reference any http-only files, e.g. fonts.google, etc. For instance, for the tiga-theme that this site’s is derived from you need to overload the Google fonts URL set by enqueue.php (replace http:// with // only):

    wp_enqueue_style( 'tiga-font', 
    '//fonts.googleapis.com/css?family=Francois+One|Open+Sans:400italic,400,700', 
    null, TIGA_VERSION, 'all' );
    

    That’s it 😉