1164 pointsCommunity rank #43Supreme DeityIn TrainingLifetime member
Member
(joined May 2010)
Likes (0)
Go into the wp_options table and change the option_value for the option_name='siteurl' and option_name='home' to include "https://" instead of only "http://". If not already, make sure you add something like the following to your .htaccess file, too:
# Force SSL and wwwith or wwwithout
RewriteEngine On
RewriteCond %{SERVER_PORT} !443 [OR]
RewriteCond %{HTTP_HOST} !^example\.com
RewriteRule (.*) https://example.com/$1 [R=301,L]
11 pointsCommunity rank #4857SophomoreJust Getting Started
Member
(joined March 2012)
Likes (0)
Hi, I'm sorry, I am completely new. How do I edit the wp_options table? do I need a database editor? or can I just go to the "settings" section of my admin sidebar in wordpress?
And I know .htacess is usually a file for password protecting http directories, which one do I edit? Can i use SSH and my bash shell to do it?
sorry again for the newbieness. i just need my shopping cart working badly..
1164 pointsCommunity rank #43Supreme DeityIn TrainingLifetime member
Member
(joined May 2010)
Likes (0)
The htaccess edit can be done usually either from your FTP client or within your SSH client. Make sure you put these rules above the normal WP rules, to ensure they play out correctly (it's processed top-down).
The wp_options table will need to be edited thru a database client. phpMyAdmin is what I (usually) prefer, but the current build (3.5.1) has made simple text edits like this way more complex than they should be and the color coding hosed the SQL editor. Sigh. There's also Adminer - which is much more manageable and lightweight. If you install one of these DO NOT put it in a folder named the same thing as the zip file. Create a new random name so that it doesn't put your server at risk if there's a security hole discovered in it.
In any case, if you're using a hosting control panel you probably already have one of these installed that you can access thru there.
11 pointsCommunity rank #4857SophomoreJust Getting Started
Member
(joined March 2012)
Likes (0)
Hey shawn,
I checked the wp_options table and both the home and siteurl are set to https://www.mysite.com
Now I edited the .htaccess in the root wordpress directory and made it look like below, but it has broken my site, my browser now claims "too many redirects", I guess it is looping. Any ideas why it is doing this?:
# Force SSL and wwwith or wwwithout
RewriteEngine On
RewriteCond %{SERVER_PORT} !443 [OR]
RewriteCond %{HTTP_HOST} !^mysite\.com
RewriteRule (.*) https://www.mysite.com/$1 [R=301,L]
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
The test says "if the domain doesn't exactly match 'mysite.com' then"...the rule says "redirect to http://www.mysite.com". These are mutually exclusive. They MUST be the exact same domain. Either with the 'www' or without the 'www'.
11 pointsCommunity rank #4857SophomoreJust Getting Started
Member
(joined March 2012)
Likes (0)
Thanks Shawn,
Looks like my site e-t-h-er-d-o-s-e.com (without the dashes) is working with HTTPS, wordpress and marketpress, but I still get this message from my chrome browser "There are resources on this page that are not secure" .. How do I get all resources to be SSL secure? My entire site with content should be coming locally from my wordpress, site, I don't understand.
My other problem is with marketpress, I will open a new thread for that concern.
21634 pointsCommunity rank #0Supreme DeityWPMU DEV StaffLifetime member
Support Kangaroo
(joined March 2011)
Likes (0)
Greetings edlikestoboogie,
You tell that from my chrome browser "There are resources on this page that are not secure" but you do not indicate what resources are not secure?
Do you have image embeds that the URL does not start https://?
Please advise what resources are not secure or if it was indeed images or possibly what the URL is so that we can see for ourselves what resources are not secure.
11 pointsCommunity rank #4857SophomoreJust Getting Started
Member
(joined March 2012)
Likes (0)
Hi Aecnu,
All images are uploaded and referenced using Wordpress' / MarketPress' upload capability. I am unsure what is unsecure. I will look at the html, but if you can visit my site, and take a look.
1164 pointsCommunity rank #43Supreme DeityIn TrainingLifetime member
Member
(joined May 2010)
Likes (0)
The only potentially callable non-secure reference within the current theme appears to be the wlwmanifest, which can be disabled with this in your functions.php file: remove_action('wp_head', 'wlwmanifest_link');
It's unlikely to actually cause any problems though.
There are more than a dozen links throughout your site with non-secure URLs, though. You can fix them by modifying the 'guid' within the 'wp_posts' table. You can do that wholesale with this SQL: update wp_posts set guid = replace(guid,'http://','https://');
Just run it from phpMyAdmin or whatever SQL editor you use.
If you have links that are within the content of the site, you can use this one: update wp_posts set post_content = replace(post_content,'http://www.EXAMPLE','https://www.EXAMPLE');
Make sure you replace http://www.EXAMPLE with your real domain name.
Responses (15)
Member (joined May 2010) Likes (0)
Go into the wp_options table and change the option_value for the option_name='siteurl' and option_name='home' to include "https://" instead of only "http://". If not already, make sure you add something like the following to your .htaccess file, too:
Support Kangaroo (joined March 2011) Likes (0)
Greetings edlikestoboogie,
Welcome to WPMU Dev!,
Shawn's answer is spot on above and do not forget to add the htaccess addition if you have not already.
Cheers, Joe
Member (joined March 2012) Likes (0)
Hi, I'm sorry, I am completely new. How do I edit the wp_options table? do I need a database editor? or can I just go to the "settings" section of my admin sidebar in wordpress?
And I know .htacess is usually a file for password protecting http directories, which one do I edit? Can i use SSH and my bash shell to do it?
sorry again for the newbieness. i just need my shopping cart working badly..
Member (joined March 2012) Likes (0)
I don't clearly underestand so I will reopen thread.
Member (joined May 2010) Likes (0)
The htaccess edit can be done usually either from your FTP client or within your SSH client. Make sure you put these rules above the normal WP rules, to ensure they play out correctly (it's processed top-down).
The wp_options table will need to be edited thru a database client. phpMyAdmin is what I (usually) prefer, but the current build (3.5.1) has made simple text edits like this way more complex than they should be and the color coding hosed the SQL editor. Sigh. There's also Adminer - which is much more manageable and lightweight. If you install one of these DO NOT put it in a folder named the same thing as the zip file. Create a new random name so that it doesn't put your server at risk if there's a security hole discovered in it.
In any case, if you're using a hosting control panel you probably already have one of these installed that you can access thru there.
Member (joined May 2010) Likes (0)
Oh, and the htaccess file you'll want to edit is the one at the root of your WP site - beside the wp-config.php file.
Member (joined March 2012) Likes (0)
Hey shawn,
I checked the wp_options table and both the home and siteurl are set to https://www.mysite.com
Now I edited the .htaccess in the root wordpress directory and made it look like below, but it has broken my site, my browser now claims "too many redirects", I guess it is looping. Any ideas why it is doing this?:
# Force SSL and wwwith or wwwithout
RewriteEngine On
RewriteCond %{SERVER_PORT} !443 [OR]
RewriteCond %{HTTP_HOST} !^mysite\.com
RewriteRule (.*) https://www.mysite.com/$1 [R=301,L]
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Member (joined May 2010) Likes (0)
This is your problem:
The test says "if the domain doesn't exactly match 'mysite.com' then"...the rule says "redirect to http://www.mysite.com". These are mutually exclusive. They MUST be the exact same domain. Either with the 'www' or without the 'www'.
Member (joined May 2010) Likes (0)
And if you're using the 'www' version in wp_options, then make sure the htaccess is forcing it TO the www-enabled version.
Support Kangaroo (joined March 2011) Likes (0)
Greetings,
Thank you again Shawn for popping in here and following up with edlikestoboogie.
Some more rep points sent your way.
What is in my opinion the greatest Database Management software of all time Navicat.
You may want to check it out.
Thank you both for being WPMU Dev Members!
Cheers, Joe
Member (joined March 2012) Likes (0)
Thanks Shawn,
Looks like my site e-t-h-er-d-o-s-e.com (without the dashes) is working with HTTPS, wordpress and marketpress, but I still get this message from my chrome browser "There are resources on this page that are not secure" .. How do I get all resources to be SSL secure? My entire site with content should be coming locally from my wordpress, site, I don't understand.
My other problem is with marketpress, I will open a new thread for that concern.
thanks.
Support Kangaroo (joined March 2011) Likes (0)
Greetings edlikestoboogie,
You tell that from my chrome browser "There are resources on this page that are not secure" but you do not indicate what resources are not secure?
Do you have image embeds that the URL does not start https://?
Please advise what resources are not secure or if it was indeed images or possibly what the URL is so that we can see for ourselves what resources are not secure.
Cheers, Joe
Member (joined March 2012) Likes (0)
Hi Aecnu,
All images are uploaded and referenced using Wordpress' / MarketPress' upload capability. I am unsure what is unsecure. I will look at the html, but if you can visit my site, and take a look.
Member (joined March 2012) Likes (0)
Sorry, I got everything to work by changing my theme to the framemarket theme. all is good now.
Member (joined May 2010) Likes (0)
The only potentially callable non-secure reference within the current theme appears to be the wlwmanifest, which can be disabled with this in your functions.php file:
remove_action('wp_head', 'wlwmanifest_link');It's unlikely to actually cause any problems though.
There are more than a dozen links throughout your site with non-secure URLs, though. You can fix them by modifying the 'guid' within the 'wp_posts' table. You can do that wholesale with this SQL:
update wp_posts set guid = replace(guid,'http://','https://');Just run it from phpMyAdmin or whatever SQL editor you use.
If you have links that are within the content of the site, you can use this one:
update wp_posts set post_content = replace(post_content,'http://www.EXAMPLE','https://www.EXAMPLE');Make sure you replace http://www.EXAMPLE with your real domain name.
Become a member