Redirecting HTTP to HTTPS on cPANEL for LetsEncrypt Certificates

georgik · May 4, 2017, 6:25am

Hello,

Yesterday I found about this great project and realized my hosting cpanel supported it.

However, since I added it my website still loads in HTTP and even if I force it manually it still doesn’t load the HTTPS version.

Would love to get a hand on that.

Cheers.

ahaw021 · May 4, 2017, 8:37am

Hi @georgik

Can you share your sites name?

This will help us figure out if both HTTP and HTTPS are configured.

Usually you want both but redirect to HTTPS from HTTP.

Andrei

georgik · May 4, 2017, 10:03am

Hello Andrei,

Thank your for responding.

My website is innerouterpeace . com

I have a rule in htaccess to redirect www to non-www (or vice versa) version of the site. Could that be the problem?

schoen · May 4, 2017, 6:07pm

Yes, if it's using http:// in the destination instead of https://.

schoen · May 4, 2017, 6:08pm

I think your .htaccess rule is very likely the problem, because the HTTPS version of the bare base domain without the www. redirects to the HTTP version with the addition of www., while the HTTPS version with the www. works properly. (However, you also have a mixed content problem, which you can diagnose using https://www.whynopadlock.com/.)

georgik · May 4, 2017, 6:15pm

Hey schoen,

Thank you very much for your answer.

Here’s what I have in the .htaccess file in cpanel:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^([a-z.]+)?innerouterpeace.com$ [NC]
RewriteCond %{HTTP_HOST} !^www. [NC]
RewriteRule .? http://www.%1 innerouterpeace.com%{REQUEST_URI} [R=301,L]

Changing line 2 & 3, HTTP_HOST to HTTPS_HOST will fix the problem? It’s a bit difficult to understand, I have set it up wrong as a whole or just in this case with the HTTPS?

I’ll look into the problem with the mixed content.

schoen · May 4, 2017, 7:16pm

Instead of changing HTTP_HOST, change http:// to https:// in the final line.

georgik · May 14, 2017, 7:19pm

Ty @schoen.

Your suggestion worked.

However, I went further by forcing the https non-wow version of the site and now I get an Internal Error 500.

Here’s what I got in the .htaccess file:

RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ examplecom./%{REQUEST_URI} [R=301,L,NE] RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L,NE] </IfModule

I really don’t know what to do.

schoen · May 14, 2017, 8:32pm

There should be an Apache error log such as /var/log/apache2/errors which can explain the reason for the 500 error.

You could also try using the recipe that Certbot would have used, which is just like

RewriteEngine on RewriteCond %{SERVER_NAME} =example.com RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

I have actually not learned very much about mod_rewrite, which is really a very complex piece of software.

system · June 13, 2017, 8:36pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.