My lamp server keeps trying to load https but I don't have ssl set up

My domain is: wonkylogic.co

I had my LAMP server (on Digital Ocean) set up a couple weeks ago and it was working ok. I then tried setting up SSL with certbot but somehow I broke something so that my website would not load (tried on multiple browsers). So I decided to follow instructions in forums here to remove my SSL certificates and start over. But I broke my website entirely so that nothing was loading. I've spent hours trawling forums here and Stackoverflow etc to try and recitify this, lastly resorting to purging Apache, PHP and Mysql. I've reinstalled and verified that:

  1. PHP is working.
  2. I can open up index.html if I include a basic index.html file in my directory.
  3. PHP is talking to mysql (I set up a testing php page linked to a mysql database and it worked).

I am trying to get my website working without SSL right now and then I will try to reinstall certbot after that and hopfeully get a better outcome.

But if I delete index.html then my website fails to load - tried on Firefox, Chrome and Safari (macOS and iOS). It looks as though the website keeps trying to force https rather than http, i.e. I type in http://wonkylogic.co and when the browser fails to load, in the address bar there is https://wonkylogic.co instead.

I've seen some really insightful answers provided to other users here so I'm confident there is someone here who would know what I'm doing wrong. I'm at the end of myself here - it is so frustraing to not be able to nail this down. If I can't resolve this then I am going to have to destroy the droplet and really start over.

My web server is (include version): Digital Ocean Droplet

The operating system my web server runs on is (include version): Ubuntu 20.04
NOTE that I am using apache configuration files to direct traffic to the correct directory based on the domain name (Virtual host) for the purpose of being able to run multiple websites from the server. I don't have any other websites on there yet but trying to leave the door open to that. This may well be a source of my problems.

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No, all done over SSH

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

3 Likes

WordPress seems to be redirecting all HTTP to HTTPS:

curl -Iki http://wonkylogic.co/
HTTP/1.1 301 Moved Permanently
Date: Mon, 18 Jan 2021 00:25:20 GMT
Server: Apache/2.4.46 (Ubuntu)
X-Redirect-By: WordPress
Location: https://178.62.81.134/
Content-Type: text/html; charset=UTF-8

[and rather poorly; as it is using an IP in the URL]

4 Likes

Wow, thank you. This has been driving me crazy! My next question is where does Wordpress store that redirect command? You may not know in which case I will ask on wordpress forums. Thank you so much for figuring this out - that's a neat command curl -Iki.

4 Likes

So I've been looking into this further now that I've been pointed in the right direction. Possible methods of Wordpress redirection appear to be .htaccess, in php configuration files and possibly mysql database. I'm pretty sure that .htaccess is not redirecting my site (having looked there). I have trawled through my php files using grep in the terminal. And I had a copy of database downloaded so I searched that.

  1. The database was riddled with references to https://<ip_address>. So within mysql in the terminal I did my best to replace instances with http//wonkylogic.co. I'm not sure whether I caught them all, and my site still doesn't load. So I'm going to investigate using a back up that I replaced every instance of ip address with url in a text editor and I'll try linking my website to that. Who knows, maybe..

  2. The matches I found in php for redirect commands didn't surface any obvious https redirects (but I'm no php expert). I have added some lines of php that should prevent direct to http. I used the curl command you shared in your post.

With the extra lines of php I put in I get...

curl -Iki http://wonkylogic.co HTTP/1.1 301 Moved Permanently Date: Mon, 18 Jan 2021 20:06:40 GMT Server: Apache/2.4.46 (Ubuntu) X-Redirect-By: WordPress Location: http://www.wonkylogic.co/ Content-Type: text/html; charset=UTF-8

Well at least it isn't a redirect to https, but my site still doesn't load.
Without the lines of php I get...

curl -Iki http://wonkylogic.co HTTP/1.1 200 OK Date: Mon, 18 Jan 2021 20:13:30 GMT Server: Apache/2.4.46 (Ubuntu) Link: <http://wonkylogic.co/wp-json/>; rel="https://api.w.org/" Link: <http://wonkylogic.co/wp-json/wp/v2/pages/51>; rel="alternate"; type="application/json" Link: <http://wonkylogic.co/>; rel=shortlink Content-Type: text/html; charset=UTF-8

TBH I have no idea how to interpret that; maybe it's legit. So the php code does something but evidently not what I need.

I am beginning to think that the errors run too deep and I will need to kill the whole server and start over. But my worry is that I will go through all that and then somehow reinstate the errors.

2 Likes

In wordpress settings >> permalinks may shed more light for you if you haven't already looked

3 Likes

At present I cannot access Wordpress settings via the browser - yes things are really that screwed. So I'm having to do everything over SSH. Do you have any suggsetions of what I would look out for in terms of the php files (i.e. which files and what content I need to change within the files)?
There is a wp-settings.php file.

Actually I do have a backup of WP-Content directory that I made prior to migrating my website to the new server, so I think I am going to delete that directory and restore from my backup. And I will upload my database backup … then attempt to link the database to the website and fingers crossed all my apparently many errors won't be there.

2 Likes

Have you tried uploading your index.html file since you deleted that? Even getting your redirects and other issues fixed, if your homepage is missing... then there's no homepage to show.

2 Likes

When I have my index.html page in the directory (it is there now in the hope that it will serve as a temporary landing page) it seems that it is only navigable if you navigate there directly (i.e. have to type wonkylogic.co/index.html). So that may be something - apache isn't directing traffic to it if a visitor only types the domain.
But when I delete index.html there is still index.php available and that should be loaded if .html is not available.
I'm trying right now to replace the database and website files. I will also go over the apache config files and double check they should be ok. The fact that index.html isn't loading from the domain is concerning me.
In other news I think that the curl -Iki output looks better (?):
curl -Iki http://wonkylogic.co
HTTP/1.1 200 OK
Date: Mon, 18 Jan 2021 23:51:12 GMT
Server: Apache/2.4.46 (Ubuntu)
Last-Modified: Mon, 18 Jan 2021 23:49:16 GMT
ETag: "c7-5b9355ead79f9"
Accept-Ranges: bytes
Content-Length: 199
Vary: Accept-Encoding
Content-Type: text/html
From my novice interpretation of the above the Wordpress or other redirect is no longer operational.

1 Like

You need to understand how Apache serves files.
Look into the setting: DirectoryIndex

2 Likes

I know that Apache preferentially serves index.html over index.php unless you change the DirectoryIndex setting to change that.
But for now I am just changing the name of index.html so that Apache should load index.php.
I have now tried using my backups and that didn't resolve anything. So I'm now trying to set up a totally fresh install of wordpress to verify that there isn't some corrupt config file somewhere.

1 Like

Thank you all for your input. I appreciate that it takes time and thought to respond to other people's questions.
I've set up a fresh Wordpress site and it is having problems creating directories in order to install themes. Therefore I have concluded that the server is beyond the pail now. I think that I have no alternative apart from destroying it and rebuilding it.

2 Likes

So wiping it down and redoing everything is not always going to solve your issues.
If you build it the same way, you'll have the same problems when you are done. Right back where you started.

Wordpress needs "permissions" to perform it's tasks. Suggested Reading:

4 Likes

Yeah that's true. I guess that's the frustration in me speaking. Thanks for the link - I'll read up.

3 Likes

Hi again. I'm still here - just. Having reflected on everything I have done so far:

  1. The instructions I followed to set up LAMP was Wordpress specific. It also matches a different tutorial I am looking at. There may have been a problem with directory permissions somewhere but the permissions command also matches the instructions given in the suggested article: Hardening WordPress – Documentation.
  2. I wonder if I never even had things set up correctly on my LAMP server initially, as in when I thought my website was migrated could I have actually been viewing it in the previous location without knowing? Perhaps DNS records had not propogated properly. I don't know much about this but my domain is with Only Domains, my server is with Digital Ocean. Could this lead to the problems I am having

My website is now trying to force SSL on me again before I have got it working over http in the first instance.

I am trying to set up my server to just use the default apache config file 000-default.conf to see if that helps. And I saw some php before about preventing SSL connections in wordpress (temp) - I'll give that a go.

2 Likes

Look at your wordpress database at the table wp_options - what is the value of the column option_value where the option_name = 'siteurl'? And how about where option_name = 'home'? If Wordpress itself is the culprit, it usually boils down to one of those settings.

4 Likes

Hi @billynoah.
siteurl = https://wonkylogic.co
home = https://wonkylogic.co

Update on general progress. I managed to get things to the point that I could log into Wordpress, initialise it to a new website. I seem to be having write permission problems with the directories so I manually created them over ssh (themes plugins etc). Then I installed a plugin to migrate my website. Set that all up. Migrated website was owrking correctly in Safari but not Firefox or Chrome and not for external visitors.
Then took a deep breath and reinstalled certbot and I NOW HAVE SSL configured and a website that works (kind of). Well visitors can see it and navigate to pages but my links are somewhat broken. So I'm trying to fix the permalink issue I have, but I know that is out of the scope of this forum.

Thanks for your help everyone I got there eventually. If you do know what might be going wrong with permalinks and directory write issues etc with Wordpress on a LAMP server I'd like to hear your advice.
[NB www-data is directory owner, directories are 775 files are 664 according to advice I've read - no joy, don't worry (?) wp-config.php is hardened, wp-includes hardened in .htaccess]

2 Likes

If your siteurl is "https://wonkylogic.co" that would certainly explain why you were being redirected to https.

2 Likes

Sorry, my mistake - I replied with what it is now (I have a thread open on Stack Exchange so partly forgot context of what I was responding to).
At the time of the error that I stated in my OP and prior to Friday last week the values in my database were:
siteurl = http://wonkylogic.co
home = http://wonkylogic.co
But the site was still not loading correctly or redirecting. But that issue is now resolved.

3 Likes

For the reference of future help-seekers, you could have gone through the WordPress settings.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.