I would think so, unless you figured out how to manually install your certificate into cPanel, which is a task that has proven difficult for many in the past. 
2 Likes
And thank you again. All of you. You are beyond amazing. I need a glass of wine now after that debacle 
3 Likes
I'm not seeing the HTTPS redirect either. Did you toggle it on for amandagreenleestherapy.co.uk?
2 Likes
It's currently there @griffin, check with curl 
For the apex domain as well as for the www subdomain.
1 Like
I have another domain I don't use but seems to be set as the main one and that one I redirected. It says all subdomains are set to that one - I believe...
I hope so!
I see the HTTP->HTTPS redirects too. In the response headers it has "X-Redirect-By: WordPress"
Does that affect / override what Certsage would set for redirect? Because I imagine not all cPanel people would use WordPress.
3 Likes
I concur, @MikeMcQ. The HTTPS redirect is coming from WordPress. Oddly, there is no-apex to-www (or vice versa) redirect coming from WordPress. 
2 Likes
There is from my view. Both apex and www HTTP redirect to apex HTTPS. And, HTTPS for www redirects to apex
All with same "X-Redirect-By: WordPress" response header
3 Likes
Sounds like some dirty cache in the mix...
Where is that glass of wine???
LOL
2 Likes
Possibly, @rg305.
It got added. Good. 
@MikeMcQ, please verify my sanity from Redirect Checker | Check your Statuscode 301 vs 302 below.
Assuming that the apex is the intended destination where the first line is the browsed address...
Correct:
http://amandagreenleestherapy.co.uk
301 Moved Permanently
https://amandagreenleestherapy.co.uk/
200 OK
Incorrect (missing redirection to https://www.amandagreenleestherapy.co.uk in the middle):
http://www.amandagreenleestherapy.co.uk
301 Moved Permanently
https://amandagreenleestherapy.co.uk/
200 OK
Correct:
https://www.amandagreenleestherapy.co.uk
301 Moved Permanently
https://amandagreenleestherapy.co.uk/
200 OK
Correct:
https://amandagreenleestherapy.co.uk
200 OK
2 Likes
Yes, all starting places end up at HTTPS://(apex) so that's nice.
But, that WordPress plugin chooses to go directly from HTTP://(www) to HTTPS://(apex)
It's not clear to me whether that is a hazardous activity given today's browsers. There is no HSTS involved here either. In any case, it's not likely anything Amanda can do about that. Further discussion probably better off this thread.
My main reason for bringing up their WordPress redirects was to explain why Certsage cPanel redirects might not have been working. I don't have a cPanel system to experiment with so wasn't sure.
3 Likes
Perfect. Wanted to be sure the problem wasn't byzantine.
Since "force HTTPS" in cPanel is implemented in Apache (webserver level), I don't think it's active, which is why the WordPress redirects (app level) are happening.
4 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.