logo
Ask your WordPress questions! Pay money and get answers fast! (more info)

Warning: Please do not give out any FTP or ssh credentials to anyone, unless you trust them completely. Giving out login details is dangerous.

If the asker does not get an answer then they have 10 days to request a refund.

$50
Applying SSl to Wordpress 3.0 across multiple sites

I think I've tried everything that's in the Codex - http://codex.wordpress.org/Administration_Over_SSL

When I keep things simple and just add the force login line to wp-config, it works fine for my root blog. I visit http://blogs.mysite.com, hit the login link, and bang, redirected to https and I can login securely.

My dashboard is also secure, being at https://blogs.mysite.com/wp-admin/profile.php but I am only using the define('FORCE_SSL_LOGIN', true); line...is this symptomatic of an .htaccess issue or is this as should be expected?

My problems start when I try to visit another blog on my network. As soon as I force secure login, any attempt to login to https results in a 404 page.

If I login as admin at the root blog, then try to visit the dashboard for one of the other blogs, I also get a 404.

I will gladly reward my saviour!

.htaccess file

RewriteEngine On

RewriteBase /



#uploaded files

RewriteRule ^(.*/)?files/$ index.php [L]

RewriteCond %{REQUEST_URI} !.*wp-content/plugins.*

RewriteRule ^(.*/)?files/(.*) wp-includes/ms-files.php?file=$2 [L]



# add a trailing slash to /wp-admin

RewriteCond %{REQUEST_URI} ^.*/wp-admin$

RewriteRule ^(.+)$ $1/ [R=301,L]



RewriteCond %{REQUEST_FILENAME} -f [OR]

RewriteCond %{REQUEST_FILENAME} -d

RewriteRule . - [L]

RewriteRule  ^([_0-9a-zA-Z-]+/)?(wp-.*) $2 [L]

RewriteRule  ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]

RewriteRule . index.php [L]



<IfModule mod_security.c>

<Files async-upload.php>

SecFilterEngine Off

SecFilterScanPOST Off

</Files>

</IfModule>


Jim

EDIT - I am getting the standard Apache 404 page.

This question has been answered.

intbac | 06/30/10 at 7:07am Edit

.htaccess, ssl, 404, wordpress 3.0

(3) Possible Answers Submitted...

See a chronological view of answers?

Warning: Please do not give out any FTP or ssh credentials to anyone, unless you trust them completely. Giving out login details is dangerous.

  • avatar
    Last edited:
    07/06/10
    11:40am
    Oleg Butuzov says:

    can you turn on debug file for the mod_rewrite?
    http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html#rewritelog

    basicly if you got wp 404 - rewrites works and we need to solve situation o wp. but if you getting standard apache 404 looks like wp rewrites disabled and httaccess dosn't work.

    anyway debug log for mod_rewrite is first step to solve issue.

    Previous versions of this answer: 06/30/10 at 7:25am | 06/30/10 at 7:26am

    • 06/30/10 10:48am

      Oleg Butuzov says:

      so... rewrites dosn't work =)

      my mail in my profile page. also i have sent you a message through this website. contact me to fix it.

    • 06/30/10 10:53am

      Oleg Butuzov says:

      oh. can you also check is there a virtual host created for https for a hosted blogs? or even is there setuped secure 443 port for the child domains? i belive there is 80 setuped, bit as i know administration of the apache - you need to setup it too. can you check settings?

    • 06/30/10 11:03am

      intbac says:

      Hi Oleg,
      thanks for the suggestion. Turning on debug now. We are getting standard Apache 404 pages.

    • 06/30/10 11:05am

      Oleg Butuzov says:

      Jim read my last message. Seams you need to setup wildcard domains for the 443 port wich is secure connection.

      something like this....


      
< VirtualHost 10.200.2.15:443 >
      
ServerName v3.mysite.com
      
ServerAdmin webmaster@example.com
      
DocumentRoot "/Library/WebServer/Documents"

    • 06/30/10 11:06am

      Oleg Butuzov says:

      sorry this is correct tutorial url

      http://www.techcuriosity.com/resources/webhosting/wildcard_hosting.php

    • 06/30/10 11:14am

      intbac says:

      Ok going to try this now.

    • 07/02/10 10:28am

      Oleg Butuzov says:

      mod_rewrite dosn't work in ssl section.

      add this to visrtual host.

      <Directory /mnt/nfs-fs/htdocs/testblogs.ibo.org/  >
      
         AllowOverride FileInfo Options
      
         Options Indexes FollowSymLinks
      
</Directory>

  • avatar
    Last edited:
    06/30/10
    8:59am
    Ipstenu says:

    Have you tried http://wordpress.org/extend/plugins/admin-ssl-secure-admin/ ? It says it works for WPMU. Mind, I'd try the dev version from http://wordpress.org/extend/plugins/admin-ssl-secure-admin/download/ first.

    • 06/30/10 12:36pm

      intbac says:

      Hello, yes I have but I get the same error when it redirects me to the https page.

  • avatar
    Last edited:
    07/01/10
    3:41pm
    Rashad Aliyev says:

    Define it at your .htaccess file.

    RewriteRule ^/wp-admin/(.*) https://www.mysite.com/wp-admin/$1 [C]


    RewriteRule ^/wp-admin/(.*) https://www.mysite.com/wp-admin/$1 [C]


    If still doesn't work and if you're using WPMU then recommended not shared host. If you're using shared host then setup Wildcard DNS.

    P.S: some shared hosting doesn't support wildcard.

    Previous versions of this answer: 07/01/10 at 3:41pm

This question has expired.





Current status of this question: Completed



Warning: Please do not give out any FTP or ssh credentials to anyone, unless you trust them completely. Giving out login details is dangerous.

If the asker does not get an answer then they have 10 days to request a refund.