Domain Mapping 4.2.0.6 - Two Significant Bugs Remaining?

Hi WPMUDev Staff, @Tyler Postle and @Sam

I hope your day is going well :slight_smile:

This thread is a continuation of my previous thread
https://premium.wpmudev.org/forums/topic/domain-mapping-w-https-my-scenario-2-staff-check-in
which had gotten too long to work with, imho.

I still consider there to be two significant issues unresolved from my previous thread, both seemingly related to the settings made at subsite > tools > domain mapping.

1) All subsites with mapped addresses: frontend redirect NOT forced to http when protocol selection is http://, allows https as well ( http://beavertonlandscaping.com & https://beavertonlandscaping.com )
2) All subsites with mapped addresses: NOT forcing the mapped address when set to force mapped address for frontend redirect, allows original address as well ( http://beavertonlandscaping.com & https://tivism.com/beavertonlandscaping-secure-access )

I'd like to see the settings "do what they say on tin" sooner rather than later.

However, I am open to considering temporary workarounds which will produce my desired outcomes (such as custom htaccess rules) if there are any suggestions?

My current setup and desired configuration is:

Multisite Network using subdirectories @ tivism.com
Server IP: 185.56.85.36
Wildcard SSL for tivism.com & *.tivism.com

Primary should be forced HTTPS frontend
Primary forced HTTPS frontend
Primary forced HTTPS login/admin
Subsites forced HTTP frontend @ Mapped URL
Subsites forced HTTPS login/admin @ Original URL

Primary Domain Mapping Network Settings:
a) Server IP: 185.56.85.36
b) Admin Mapping: Original
c) Login Mapping: Original
d) Cross-Domain: Yes
e) Verify: No
f) Force HTTPS Login/Admin: Yes
g) Force HTTPS Frontend: Yes

Subsites Domain Mapping Subsite Settings:
h) Protocol: http://
i) Frontend redirect should be: directed to mapped (primary) domain
j) Primary & original network subsite addresses are all non-www --> ONLY TLDs mapped to network subsites will be mapped with 'www' in URL for CloudFlare Railgun compatibility w/ my host (NOT currently using CF!).

Server: GoGeek @ SiteGround.com - will use varnish caching (currently all cache systems OFF!)

Browsers tested: IE, Firefox, Chrome, Safari

Platforms tested: Win8, OSX, Android

Regularly cleared browser data & flush dns caches while testing.

Attached is a pdf of my Domain Mapping v4.2.0.6 testing matrix for the two bugs described above (and maybe an extra?).


I'd love to know if the behaviors I have reported are replicable by WPMUDev Staff using my configuration settings.

Knowing the issues have been replicated & confirmed will allow me to relax a little, move on with other tasks :slight_smile:

I have previously sent full WP/cPanel creds to Tyler (not sure how that works) and WPMUDev Support Access is Active - please get on in there if it'd be at all helpful (documenting changes, of course); and finally, please make sure that @Sam has been flagged to this new thread.

I look forward to hearing back regarding your success/failure to replicate :slight_smile:

Kind Regards,
Max

  • wp.network

    from previous thread, comment by @Gabe

    regarding bug:
    mapped domains frontend redirect NOT forced to http, allows https

    Wed Nov 5 2014, 7:32:52 AM

    It's kind of fixed on my end. In the domain mapping settings of each subsite if you select to force http it'll still throw an SSL error, but it will eventually redirect to http after clicking through the SSL warning. This may just be the way it is since browsers are more cautious about SSL errors these days (web is moving to all SSL) and the plugin doesn't force http early enough in the page loading process, @Sam will have to confirm is this is as intended or not.

    I thought that this comment was worth bringing over to the new thread in whole as it reflects @gabe's experience with the issue and some thoughts on what is happening...

    Aloha, Max

  • Sybre Waaijer

    Hi @TiViSM

    Try changing the setting of domain mapping on /wp-admin/network/ to the following:
    - Original
    - Original
    - Yes
    - No
    - Yes
    - No

    The last one is different, it's for the front-end pages :slight_smile:

    On the page you want to map the domain on, remove the mapped domain and re-add it with the prefix you want (be it http or https).
    With Front end redirect should be "Directed to mapped (primary) domain.

    Do not touch the star :slight_smile:

    • wp.network

      Hi @sybre - thanks for jumping right in again :slight_smile:

      1) I believe that setting
      Would you like to force http/https in front-end pages: Force https
      in Network > Settings > Domain Mapping
      ONLY is expected to apply to frontend of primary site and subsites using 'original' address
      NOT expected to apply to subsite mapped addresses (unless perhaps one is mapping a different subdomain of primary...? I do not intend to try this - I using mapping only for TLDs).

      2) I had tried suggested configuration in testing, but I went and tried again using your method (including removing/adding mapped domain & double checking settings used - I had included these steps in some, but not all, of my testing runs) - strange results following process you suggest above, and me paying closer attention :slight_smile:

      allows https:// original addresses
      redirects http:// original addresses

      https://tivism.com/beavertondotbike-secure-access DOES NOT redirect to http://www.beaverton.bike

      http://tivism.com/beavertondotbike-secure-access DOES redirect to http://www.beaverton.bike

      Note: I have left these settings in place so that you can visit the links above, I will return to my desired settings in 30 minutes from now :slight_smile:

      3) additionally, it does NOT resolve the other issue:
      mapped domains frontend redirect NOT forced to http, allows https
      https://www.beaverton.bike

      4) additionally, it means that the primary frontend is NOT forced to https which is a desired part of my configuration, as described in original post above.
      4a) Granted, if one element is changeable, it is having the primary frontend forced to https - if doing so is within the ability of the plugin, it remains a feature I wish to pursue.

      I have updated my pdf test matrix to reflect the new behavior this experiment revealed, and to make columns readable :slight_smile:

      Thanks again for your inputs and Cheers,
      Max

      • Sybre Waaijer

        1) You are absolutely correct. But either the description is a bit off, or the code - So I've noticed. Have you tried it yet? :slight_smile:

        If you set it to no, please put this in your .htaccess so you'll get the same functionality you previously (ought to) get from that function.

        #BEGIN main blog + subdir SSL
        	RewriteCond %{HTTPS} off
        	RewriteCond %{HTTP_HOST} ^tivism\.com [NC]
        	RewriteRule ^(.*)$ https://tivism.com/$1 [R=301,L]
        #END main blog + subdir SSL

        2) this is because you use the default settings when mapping the domain. This is your safest bet for now and if you're not allowing a log in page for your users, they'd never even know the subdirectory exists - This is exactly what WordPress.com does.

        Example:
        https://johnjamesjacoby.wordpress.com/
        http://jaco.by/

        3) Once again, this is exactly what WordPress.com does:

        Example:
        https://jaco.by/

        You can also see the cert error, just like you're getting.
        You could solve this in .htaccess but it's a lot of manual labor you don't want to put on yourself for every single website. htaccess does allow "if not" rules, but they mostly don't work and give loops regarding this situation.

        This counts as an answer to your reply on the other forum post found here too: https://premium.wpmudev.org/forums/topic/domain-mapping-w-https-my-scenario-2-staff-check-in#post-768980
        The code you described there could work (afaik, it's 6:30 AM lol), but will cause issues/loops.

        4) look at 1) Furthermore, I find this difficult to understand at this time (I'm drowsy)

        Answer me this: What exactly do you want per site, because I've kind of lost touch, take this example and fill it in:
        tivism.com: HTTPS noWWW
        tivism.net: HTTP WWW
        etc.

        FAQ:
        Q: Why do you keep referring to jaco.by?
        A: Because he's a high ranked wordpress.com user, first I found with a simple Google query and he happens to work for WordPress.com

        Q: Why do you keep using WordPress.com as an example?
        A: They know their system, they built and are building WordPress and they're the leading distribution of WPMU. If they can't do it, then it's probably a fault/bug/limitation in the WordPress core which is extremely difficult to fix.

        Q: Will my users know https:// isn't working?
        A: No. Look at WordPress, they also know their users, and their users aren't going to try https:// before every link. Their users just want to read and post stuff and most likely don't know much about the web as much as you and I do - and if they do: they wouldn't even bother.

        P.S. I'm sorry if I come over a bit harsh, it's not my intend to do so. <3

        • wp.network

          @Sybre - not harsh at all!!! much love! I am very happy to hear your thoughts on this and find your questions/critiques encouraging and informative :slight_smile:

          Very interesting! I will take some to parse and maybe test some parts, then will reply in detail - I am also burning the candle at both ends and must go carefully at this point.

          edit: I noticed that you just edited your post above, specifically you updated the code to reflect subdirectories - thank you!

          Aloha, Max

          • Sybre Waaijer

            This is nice to have (the 2nd rule blocks directory browsing)

            #Put at top of your htaccess
            	RewriteEngine On
            	Options All -Indexes
            #end top of your htaccess

            The subdomains SSL forcing:

            #BEGIN all subdomains force SSL
            	RewriteCond %{HTTPS} off
            	RewriteCond %{HTTP_HOST} ^(.*)\.hostmijnpagina\.nl [NC]
            	RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
            #END all subdomains force SSL

            The following is the same as the previous post:

            #BEGIN main blog SSL
            	RewriteCond %{HTTPS} off
            	RewriteCond %{HTTP_HOST} ^hostmijnpagina\.nl [NC]
            	RewriteRule ^(.*)$ https://hostmijnpagina.nl/$1 [R=301,L]
            #END main blog SSL

            Nice to have if you enable admin bars for logged out users, link to your registration page:
            Also, the default meta widget has a registration link, result: http://arcinc.eu/wp-signup/

            #BEGIN Adminbar registration fix
            	RewriteCond %{REQUEST_URI} !/wp-signup\.php [NC]
            	RewriteRule ^/?wp-signup(.*)$ https://hostmijnpagina.nl/wp-signup.php [L,R=302]]
            #END Adminbar registration fix

            302 = temporary redirect
            301 = permanent redirect

            Too lazy to go deeper into this - For links that "change a lot" use 302. For static use 301. If browsers take this into account, I don't know. But Google does.

            Good night ^^

  • Vinod Dalvi

    Hi Max,

    I hope you are well today and thanks for posting on the forum.

    I have notified my colleagues @Tyler Postle and @Sam to reply on this thread who were helping you on the following thread which is continued here.

    https://premium.wpmudev.org/forums/topic/domain-mapping-w-https-my-scenario-2-staff-check-in#post-769193

    Thank you for being a WPMU DEV member and have a fantastic day!

    Thanks,
    Vinod Dalvi

      • wp.network

        Hey @sybre

        I've been diligently reading & experimenting, and here is what I've got:

        I have reinstalled w/ subdomains.

        Totally 'vanilla' w/ twenty fourteen.
        Domain Mapping 4.2.0.6
        WPMUDev Dashboard (latest)

        Primary Domain Mapping Network Settings:
        a) Server IP: 185.56.85.36
        b) Admin Mapping: Original
        c) Login Mapping: Original
        d) Cross-Domain: Yes
        e) Verify: No
        f) Force HTTPS Login/Admin: Yes
        g) Force HTTPS Frontend: No

        Subsites Domain Mapping Subsite Settings:
        h) Protocol: http://
        i) Frontend redirect should be: disabled and entered domain should be used
        j) for now, mapped domains are NOT using www - I am starting with non-www model, then can work on changing :slight_smile:

        Only other significant changes made post install:

        Primary db values:
        SITEURL & HOME edited to use https (edited after wp install, but before network setup)
        Subsite db values:
        only SITEURL edited to use https

        Mapped Domains: I have added a Wildcard CNAME Record to DNS for mapped domains in order to have rules below rewrite not just www but basically anything (I for sure wanted to catch ww and wwww and then figured, why not catch 'em all?)

        htaccess rules currently in use:

        #### BEGIN Custom Rewriting
        <IfModule mod_rewrite.c>
        RewriteEngine On
        
        ### BEGIN Custom Force Mapped Domain Frontend, Repeated per Mapped Domain
        ## Beaverton.Marketing
        # Remove www and errata
        RewriteCond %{HTTP_HOST} ^.+\.(beaverton\.marketing) [NC]
        RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
        # Force Map
        RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup)
        RewriteCond %{HTTP_HOST} ^beavertonmarketing\.tivism\.com [NC]
        RewriteRule ^(.*)$ http://beaverton\.marketing/$1 [R=301,L]
        ## Beaverton.Bike
        RewriteCond %{HTTP_HOST} ^.+\.(beaverton\.bike) [NC]
        RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
        RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup)
        RewriteCond %{HTTP_HOST} ^beavertondotbike-secure\.tivism\.com [NC]
        RewriteRule ^(.*)$ http://beaverton\.bike/$1 [R=301,L]
        ## Tivism.Net
        RewriteCond %{HTTP_HOST} ^.+\.(tivism\.net) [NC]
        RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
        RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup)
        RewriteCond %{HTTP_HOST} ^tivismnet-secure\.tivism\.com [NC]
        RewriteRule ^(.*)$ http://tivism\.net/$1 [R=301,L]
        ## Tivism.Org
        RewriteCond %{HTTP_HOST} ^.+\.(tivism\.org) [NC]
        RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
        RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup)
        RewriteCond %{HTTP_HOST} ^tivismorg-secure\-secure\.tivism\.com [NC]
        RewriteRule ^(.*)$ http://tivism\.org/$1 [R=301,L]
        ## 710.Tips
        RewriteCond %{HTTP_HOST} ^.+\.(710\.tips) [NC]
        RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
        RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup)
        RewriteCond %{HTTP_HOST} ^710tips-secure\-secure\.tivism\.com [NC]
        RewriteRule ^(.*)$ http://710\.tips/$1 [R=301,L]
        ### END Custom Force Mapped Domain Frontend, Repeated per Mapped Domain
        
        # BEGIN Remove www only for Network Primary
        #RewriteCond %{HTTP_HOST} ^w{1,}\.(.*tivism\.com) [NC]
        #RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
        # END Remove www only for Network Primary
        # BEGIN Remove www & errata for Network Primary
        RewriteCond %{HTTP_HOST} ^.+\.(.*\.tivism\.com) [NC]
        RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
        # END Remove www & errata for Network Primary
        # BEGIN Subdomains Force SSL
        RewriteCond %{HTTPS} off
        RewriteCond %{HTTP_HOST} ^([^\.].*)\.tivism\.com [NC]
        RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
        # END Subdomains Force SSL
        # BEGIN Network Primary SSL
        RewriteCond %{HTTPS} off
        RewriteCond %{HTTP_HOST} ^tivism\.com [NC]
        RewriteRule ^(.*)$ https://tivism\.com/$1 [R=301,L]
        # END Network Primary SSL
        # BEGIN Adminbar registration fix
        #RewriteCond %{REQUEST_URI} !/wp-signup\.php [NC]
        #RewriteRule ^/?wp-signup(.*)$ https://tivism\.com/wp-signup.php [L,R=302]]
        # END Adminbar registration fix
        </IfModule>
        
        #### END Custom Rewriting

        For completeness, my stock WP Rules:

        #### BEGIN WordPress
        <IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteBase /
        RewriteRule ^index\.php$ - [L]
        
        # add a trailing slash to /wp-admin
        RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
        
        RewriteCond %{REQUEST_FILENAME} -f [OR]
        RewriteCond %{REQUEST_FILENAME} -d
        RewriteRule ^ - [L]
        RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
        RewriteRule ^(.*\.php)$ $1 [L]
        RewriteRule . index.php [L]
        </IfModule>
        
        #### END WordPress

        This seems to work, yet is increasingly unwieldy as we approach a few hundred+ sites...

        Any thoughts on how to make this more efficient are very welcome :slight_smile: and of course catching any ht faux pas

        Cheers,
        Max

        • Sybre Waaijer

          Hi Max!

          Hope you're doing well today (I've been intoxicated by WPMUDEV to always use this sentence D:slight_smile:.

          Everything looks good, and if it's working, don't touch it! It's fragile :stuck_out_tongue:

          What do you mean with the following and/or where can I replicate these settings?:

          Primary db values:
          SITEURL & HOME edited to use https (edited after wp install, but before network setup)
          Subsite db values:
          only SITEURL edited to use https

          I've also never seen the "Force map" .htaccess rules, but I can see what you want with that. Doesn't the "star" in Domain mapping do that for you already? For all I know it's bugged at the moment so I'd rather not touch it.

          All I can say is the following about it: It's brilliant and well written.
          If you get a few thousand customers whom are switching domains every single hour, then it's time for you to stop doing it I think :stuck_out_tongue: (or find a way to force it without touching .htaccess, note: if their mapped domain is invalid, their website will be offline)

          To make life easier on you, I took the liberty of hitting my tab bar and enter in your .htaccess, enjoy:
          (I also commented out the remove www and errata line with the reason: it's probably your cache's fault)

          #### BEGIN Custom Rewriting
          <IfModule mod_rewrite.c>
          RewriteEngine On
          
          ### BEGIN Custom Force Mapped Domain Frontend, Repeated per Mapped Domain
          
          	## Beaverton.Marketing
          	# Remove www and errata (it's probably your cache)
          	#	RewriteCond %{HTTP_HOST} ^.+\.(beaverton\.marketing) [NC]
          	#	RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
          
          	# BEGIN Force Map
          
          	#Beaverton.Marketing
          		RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup)
          		RewriteCond %{HTTP_HOST} ^beavertonmarketing\.tivism\.com [NC]
          		RewriteRule ^(.*)$ http://beaverton\.marketing/$1 [R=301,L]
          
          	# Beaverton.Bike
          		RewriteCond %{HTTP_HOST} ^.+\.(beaverton\.bike) [NC]
          		RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
          		RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup)
          		RewriteCond %{HTTP_HOST} ^beavertondotbike-secure\.tivism\.com [NC]
          		RewriteRule ^(.*)$ http://beaverton\.bike/$1 [R=301,L]
          
          	# Tivism.Net
          		RewriteCond %{HTTP_HOST} ^.+\.(tivism\.net) [NC]
          		RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
          		RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup)
          		RewriteCond %{HTTP_HOST} ^tivismnet-secure\.tivism\.com [NC]
          		RewriteRule ^(.*)$ http://tivism\.net/$1 [R=301,L]
          
          	# Tivism.Org
          		RewriteCond %{HTTP_HOST} ^.+\.(tivism\.org) [NC]
          		RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
          		RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup)
          		RewriteCond %{HTTP_HOST} ^tivismorg-secure\-secure\.tivism\.com [NC]
          		RewriteRule ^(.*)$ http://tivism\.org/$1 [R=301,L]
          
          	# 710.Tips
          		RewriteCond %{HTTP_HOST} ^.+\.(710\.tips) [NC]
          		RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
          		RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup)
          		RewriteCond %{HTTP_HOST} ^710tips-secure\-secure\.tivism\.com [NC]
          		RewriteRule ^(.*)$ http://710\.tips/$1 [R=301,L]
          
          ### END Custom Force Mapped Domain Frontend, Repeated per Mapped Domain
          
          # BEGIN Remove www only for Network Primary
          	#RewriteCond %{HTTP_HOST} ^w{1,}\.(.*tivism\.com) [NC]
          	#RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
          # END Remove www only for Network Primary
          
          # BEGIN Remove www & errata for Network Primary
          	RewriteCond %{HTTP_HOST} ^.+\.(.*\.tivism\.com) [NC]
          	RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
          # END Remove www & errata for Network Primary
          
          # BEGIN Subdomains Force SSL
          	RewriteCond %{HTTPS} off
          	RewriteCond %{HTTP_HOST} ^([^\.].*)\.tivism\.com [NC]
          	RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
          # END Subdomains Force SSL
          
          # BEGIN Network Primary SSL
          	RewriteCond %{HTTPS} off
          	RewriteCond %{HTTP_HOST} ^tivism\.com [NC]
          	RewriteRule ^(.*)$ https://tivism\.com/$1 [R=301,L]
          # END Network Primary SSL
          
          # BEGIN Adminbar registration fix (only needed for the wp.org domain mapping)
          	#RewriteCond %{REQUEST_URI} !/wp-signup\.php [NC]
          	#RewriteRule ^/?wp-signup(.*)$ https://tivism\.com/wp-signup.php [L,R=302]]
          # END Adminbar registration fix
          </IfModule>
          
          #### END Custom Rewriting
          • wp.network

            Hi @Sybre

            1) re. SITEURL and HOME
            1a) for primary, set before network setup via admin > settings or via db after network set in wp_options
            1b) for subsites, set via network > sites > edit > settings or via db in wp_#_options
            1c) again, for subsites with mapped frontend using http only (eg. no ssl cert) ONLY edit SITEURL vaule :slight_smile:
            1d) making these settings like this makes sense to me in a rough way, w/o knowing details :slight_smile:
            1e) editing subsite SITEURL values to use https has solved my issue with media upload urls using http - perhaps this kind of thing can also be done via htaccess? any examples?

            2) I have made a few small yet important changes to the htaccess code I had pasted and tried to explain the mapping bit more clearly.
            2a) I also have an example block for forcing 'www' with a mapped domain (assumes one used 'www.domain.ext' when mapping from admin > tools > domain mapping w/ frontend redirect disabled)

            I have also found that if one has defined an explicit CNAME in DNS - for instance 'www.domain.ext.' - and still wants to use subdomain cannonicalization in code for third-level+ subdomains beyond (in this example) 'www', then one must define an additional WIldcard CNAME - for instance '*.www.domain.ext.'

            this allows http://ww.www.tivism.org to work; would be way easier to just not set CNAME for 'www' to begin with, but in my case this is the way I wanted it for now :slight_smile:

            The above is a further step, beyond the need to have a WIldcard CNAME for the base domain (like '*.domain.ext' - as mentioned previously) to use the subdomain cannonicalization stuff.

            The htaccess code below is currently powering tivism.com and does not seem to cause any terrible consequences (yet):

            #### BEGIN Custom Rewriting
            <IfModule mod_rewrite.c>
            #RewriteEngine On
            ### BEGIN Custom Force Mapped Domain Frontend, Repeated per Mapped Domain
            		## 710.Kitchen
            			# Remove all subdomains
            			RewriteCond %{HTTP_HOST} ^.+\.(710\.kitchen) [NC]
            			RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
            			# Force all Frontend Requests to Mapped Domain, non-www
            			RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup|wp-includes)
            			RewriteCond %{HTTP_HOST} ^710kitchen-secure\.tivism\.com [NC]
            			RewriteRule ^(.*)$ http://710\.kitchen/$1 [R=301,L]
            
            		## 710.Tips
            			# Remove all subdomains
            			RewriteCond %{HTTP_HOST} ^.+\.(710\.tips) [NC]
            			RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
            			# Force all Frontend Requests to Mapped Domain, non-www
            			RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup|wp-includes)
            			RewriteCond %{HTTP_HOST} ^710tips-secure\-secure\.tivism\.com [NC]
            			RewriteRule ^(.*)$ http://710\.tips/$1 [R=301,L]
            
            		## Tivism.Org
            			# Remove subdomains, except www
            			RewriteCond %{HTTP_HOST} !^www\.(tivism\.org) [NC]
            			RewriteCond %{HTTP_HOST} ^.+\.(tivism\.org) [NC]
            			RewriteRule ^(.*)$ http://www\.%1/$1 [R=301,L]
            			# Force all Frontend Requests to Mapped Domain, using www
            			RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup|wp-includes)
            			RewriteCond %{HTTP_HOST} ^tivismorg-secure\.tivism\.com [NC]
            			RewriteRule ^(.*)$ http://www\.tivism\.org/$1 [R=301,L]
            
            ### END Custom Force Mapped Domain Frontend, Repeated per Mapped Domain
            
            	# BEGIN Remove w-only subdomains, for Network Primary
            		RewriteCond %{HTTP_HOST} ^[w\.]+(tivism\.com) [NC]
            		RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
            	# END Remove w-only subdomains, for Network Primary
            
            	# BEGIN Remove all subdomains beyond first-level, for Network Primary
            		# Catches all subdomains beyond first-level of primary, like third.second.first.primary.com
            		RewriteCond %{HTTP_HOST} ^.+\.(.*\.tivism\.com) [NC]
            		RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
            	# END Remove all subdomains beyond first-level, for Network Primary
            
            	# BEGIN Subdomains Force SSL
            		RewriteCond %{HTTPS} off
            		##RewriteCond %{HTTP_HOST} !^.+\.www\.tivism\.com [NC]
            		RewriteCond %{HTTP_HOST} ^([^\.].+)\.tivism\.com [NC]
            		RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
            	# END Subdomains Force SSL
            
            	# BEGIN Network Primary SSL
            		RewriteCond %{HTTPS} off
            		RewriteCond %{HTTP_HOST} ^tivism\.com [NC]
            		RewriteRule ^(.*)$ https://tivism\.com/$1 [R=301,L]
            	# END Network Primary SSL
            
            	# BEGIN Adminbar registration fix
            		#RewriteCond %{REQUEST_URI} !/wp-signup\.php [NC]
            		#RewriteRule ^/?wp-signup(.*)$ https://tivism\.com/wp-signup.php [L,R=302]]
            	# END Adminbar registration fix
            </IfModule>
            
            #### END Custom Rewriting

            3) I am not sure what you mean by

            Doesn't the "star" in Domain mapping do that for you already?

            4) I have a Q for you: I don't understand why your code:

            #BEGIN all subdomains force SSL
            	RewriteCond %{HTTPS} off
            	RewriteCond %{HTTP_HOST} ^(.*)\.hostmijnpagina\.nl [NC]
            	RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
            #END all subdomains force SSL

            the line
            RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
            is as it is, rather than like
            RewriteRule (.*)$ https://%{HTTP_HOST}%{REQUEST_URI}

            Can you perhaps help me understand above though it may be blindingly simple?

            Of course, any other thoughts are very welcome, and I'd love to know if you try any of this out :slight_smile:

            Kind Regards,
            Max

            Links:
            http://www.sdf4sg.random-nonsense.whatever.newsite-example-sans-errata.tivism.com
            http://ww.www.710.tips/hithere404
            http://dsgfb.2sdv.2f.www.710kitchen-secure.tivism.com/hithere404
            http://sfger.32fdsg.3r3gf.ww.710.kitchen/wp-login.php
            http://ww.www.tivism.org/2014/11/
            http://www.fdgfd.teytr5.tivism.org/wp-login.php

  • Tyler Postle

    Hey Max,

    Thanks for all the information here!

    I actually brought this up with Sam as well during testing of the latest version. The reason it works this way is because SSL handling happens by the server before PHP is even loaded, let alone WP.

    As seen in, Gabes comment you pasted in, the forcing of http happens correctly - once getting past the certificate error and allowing the WordPress to load.

    2) All subsites with mapped addresses: NOT forcing the mapped address when set to force mapped address for frontend redirect, allows original address as well ( http://beavertonlandscaping.com & https://tivism.com/beavertonlandscaping-secure-access )

    I am getting this same behaviour. Only when "force https" or "no" is set for the: "Would you like to force http/https in front-end pages:" option inside:

    Network admin > Settings > Domain Mapping.

    I will pass this on to Sam :slight_smile: thanks Max.

    As usual, either myself or the developer will post back here once the issue is resolved and pushed out.

    Hope you have a great rest of your day!

    All the best,
    Tyler

    • wp.network

      My last code paste had a silly error, apologies; I am pasting again below with edited code, also including an adaptation of the custom mapping bit to redirect another domain (in this case the .com of a nGTLD - could be other way around/etc.):

      #### BEGIN Custom Rewriting
      <IfModule mod_rewrite.c>
      #RewriteEngine On
      ### BEGIN Custom Force Mapped Domain Frontend, Repeated per Mapped Domain
      		## 710.Kitchen
      			# Remove all subdomains
      			RewriteCond %{HTTP_HOST} ^.+\.(710\.kitchen) [NC]
      			RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
      			# Force all Frontend Requests to Mapped Domain, non-www
      			RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup|wp-includes)
      			RewriteCond %{HTTP_HOST} ^710kitchen-secure\.tivism\.com [NC]
      			RewriteRule ^(.*)$ http://710\.kitchen/$1 [R=301,L]
      
      		##Special# 710Kitchen.Com to 710.Kitchen - 710Kitchen.Com is NOT a Mapped Domain, is 'Addon' via cpanel
      			RewriteCond %{HTTP_HOST} ^.*(\.?710kitchen\.com) [NC]
      			RewriteRule ^(.*)$ http://710\.kitchen/$1 [R=301,L]
      
      		## Tivism.Org
      			# Remove subdomains, except www
      			RewriteCond %{HTTP_HOST} !^www\.(tivism\.org) [NC]
      			RewriteCond %{HTTP_HOST} ^.+\.(tivism\.org) [NC]
      			RewriteRule ^(.*)$ http://www\.%1/$1 [R=301,L]
      			# Force all Frontend Requests to Mapped Domain, using www
      			RewriteCond %{REQUEST_URI} !/(wp-admin|wp-login|wp-signup|wp-includes)
      			RewriteCond %{HTTP_HOST} ^tivismorg-secure\.tivism\.com [NC]
      			RewriteRule ^(.*)$ http://www\.tivism\.org/$1 [R=301,L]
      
      ### END Custom Force Mapped Domain Frontend, Repeated per Mapped Domain
      
      	# BEGIN Remove w-only subdomains, for Network Primary
      		RewriteCond %{HTTP_HOST} ^[w\.]+(tivism\.com) [NC]
      		RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
      	# END Remove w-only subdomains, for Network Primary
      
      	# BEGIN Remove all subdomains beyond first-level, for Network Primary
      		# Catches all subdomains beyond first-level of primary, like third.second.first.primary.com
      		RewriteCond %{HTTP_HOST} ^.+\.(.*\.tivism\.com) [NC]
      		RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
      	# END Remove all subdomains beyond first-level, for Network Primary
      
      	# BEGIN Subdomains Force SSL
      		RewriteCond %{HTTPS} off
      		RewriteCond %{HTTP_HOST} ^([^\.].+)\.tivism\.com [NC]
      		RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
      	# END Subdomains Force SSL
      
      	# BEGIN Network Primary SSL
      		RewriteCond %{HTTPS} off
      		RewriteCond %{HTTP_HOST} ^tivism\.com [NC]
      		RewriteRule ^(.*)$ https://tivism\.com/$1 [R=301,L]
      	# END Network Primary SSL
      
      	# BEGIN Adminbar registration fix
      		#RewriteCond %{REQUEST_URI} !/wp-signup\.php [NC]
      		#RewriteRule ^/?wp-signup(.*)$ https://tivism\.com/wp-signup.php [L,R=302]]
      	# END Adminbar registration fix
      </IfModule>
      
      #### END Custom Rewriting

      Should be good :slight_smile:

      Links showing new code behavior:
      http://ww.www.710kitchen.com/2014/11/10/hello-world/
      http://www.710kitchen.com/wp-login.php

      Aloha, Max

  • Jack Kitterhing

    Hi there Max,

    Hope you're well today! :slight_smile:

    I've been taking a look through all this, (quite a bit of info to go through). :slight_smile:

    I see there's a confirmed bug with the forcing of the protocol not working correctly and that you have this almost working with some .htaccess code.

    From the above I see you say in your code that 710 Kitchen is a add-on domain and not a mapped domain, could you let me know one of the mapped domains and one of the sub domains.

    Your main domain from what I've loaded seems to be working correctly. :slight_smile:

    Thank you!

    Kind Regards
    Jack.

    • wp.network

      Hi @Jack Kitterhing

      1) quite a bit of info to go through

      word.

      2) I see there's a confirmed bug with the forcing of the protocol not working correctly and that you have this almost working with some .htaccess code.

      Yup; confirmed bug & working on htaccess rules to control behavior :slight_smile:

      My previous htaccess code is generally functional, however has some basic flaws in construction & is waaaaaaay non-optimized ...since then I have been reading and sleeping a little and thats about it :slight_smile: and I have learned alot about htaccess and regex since then... working on finishing a re-read of key docs, then re-working my code, will re-post when I have something interesting to share <3

      3) From the above I see you say in your code that 710 Kitchen is a add-on domain and not a mapped domain, could you let me know one of the mapped domains and one of the sub domains.

      I think that you are referring to the following:
      ##Special# 710Kitchen.Com to 710.Kitchen - 710Kitchen.Com is NOT a Mapped Domain, is 'Addon' via cpanel

      If so, then here is the deal:
      710Kitchen.Com is set as an add-on domain
      710.Kitchen is set as an add-on domain

      710kitchen-secure.tivism.com is a subsite of tivism

      I used Domain Mapping plugin to map
      http://710.kitchen --> https://710kitchen-secure.tivism.com

      I then used the following rule set in htaccess to rewrite requests for http://710kitchen.com --> http://710.kitchen

      RewriteCond %{HTTP_HOST} ^.*(\.?710kitchen\.com) [NC]
      RewriteRule ^(.*)$ http://710\.kitchen/$1 [R=301,L]

      I have alot of domains, many of which are very closely related, as with above example and until I have more specific use (like special landing pages!) for such domains, I'd like to have them feed into live sites...

      I'm interested in using non-capturing groups with alternation in combination with standard capturing groups, like
      (?:e|(?:xa)|(mple(?:s|z)?))
      (an approach I was not familiar with before - I am aware to prevent possibility of backreference to a failed capture group) and also want to greatly reduce my use of the repetition characters - being much more specific where possible following practices like:

      Remember that while (.*) matches any string, so will the simpler and faster pattern ^ because every string has a start (even an empty string) and so ^ matches it. [...] Note also that the pattern (.*) has parenthesis and therefore captures the matched string into the variable $1. If you’re not planning to use $1 in a later substitution, then this, in addition to being a waste of computation cycles, is a waste of memory.

      Are you familiar with book 'mod_rewrite And Friends'by R.Bowen at http://mod-rewrite.org/ (source of above quote)?

      Its an awesome free resource from R.Bowen, author of Definitive Guide to Apache mod_rewrite (I have now read this too, the web version of his newer book at above website is one of the best (accessible+informative) resources on this stuff I've found yet, way better than htaccessbook from J.Starr though that was a good starter - info on regex is more readily available; RegexBuddy & Regex Coach have been awesome & I've even gotten into Mastering Regular Expressions by J.Friedl which is amazing, btw)

      Also, started using ScreamingFrog and Fiddler - any experience using these tools? other recommendations?

      Cheers, Max

  • wp.network

    Hi @Michelle Shull

    No worries:
    1) bug has been confirmed, Sam is presumably hard at work...
    2) have a partial solution worked out via magic blend of Domain Mapping settings and htaccess...
    2a) I am working on an improved htaccess solution to my specific needs, will be happy to share the general bits when they're worked out & tested - hopefully a couple days, tops ¯\_(?)_/¯

    ps. for some fun, try @ http://textfac.es/

    Cheers, Max

    • wp.network

      Thanks @aristath, fyi & for @Sam...

      The beta version of Domain Mapping that Sam put up in @Sybre's SSO thread a few days ago is great and addresses a number of issues... really awesome progress!

      I thought I'd just mention that I had been testing it, and really noticed a lot of fixes and thanks for that :slight_smile:

      Also, thought I'd include the htaccess code that I've worked out to use for the time being in order to force frontend domain mapping in case it can be useful to anyone, and to show the work that has gone in to dealing with this bug...

      I assume that the setup is to use 100% HTTPS :slight_smile:

      For networks using subdirectories:
      The trick here:
      primary domain: primary.com
      domain to map: mapped.com
      Make the subsite: primary.com/mapped-dot-com
      domain to map: mapped.club
      Make the subsite: primary.com/mapped-dot-club
      notes:
      1) for my network where I tested w/ subdirectories, I didn't care that the 'original' addresses look kinda funky, I wanted to do the deed in one rule block :slight_smile:
      2) this is with domain mapping set to force https and use original addresses for admin/login
      3) frontend mapping is set to 'disabled' in order to avoid any weird errors as it doesn't currently work (at least with https) anyways
      4) these should work 'out-of-the-box' :slight_smile:

      <IfModule mod_rewrite.c>
      Options +FollowSymLinks
      RewriteEngine On
      # begin custom mapping for subdirectories
      RewriteCond %{REQUEST_URI} !^wp-(admin|content|includes) [NC]
      RewriteCond %{REQUEST_URI} !wp-login\.php [NC]
      RewriteCond %{QUERY_STRING} !preview=true [NC]
      RewriteRule ^(.*)-dot-(.*)/(.*)$ https://$1.$2/$3 [R=301,L]
      # end custom mapping for subdirectories
      # begin remove www from all urls
      RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
      RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
      # end remove www from all urls
      # begin author profile redirect
      RewriteRule ^author/ https://%{HTTP_HOST}/ [R=301,L]
      # end author profile redirect
      
      # BEGIN WordPress
      RewriteBase /
      RewriteRule ^index\.php$ - [L]
      
      # add a trailing slash to /wp-admin
      RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]
      
      RewriteCond %{REQUEST_FILENAME} -f [OR]
      RewriteCond %{REQUEST_FILENAME} -d
      RewriteRule ^ - [L]
      RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
      RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
      RewriteRule . index.php [L]
      # END WordPress
      </IfModule>

      For subdomains:
      The trick here:
      primary domain: primary.com
      domain to map: mapped.com
      Make the subsite: mapped-secure-1.primary.com
      domain to map: mapped.org
      Make the subsite: mapped-secure-3.primary.com
      Notes:
      1) at least for my main subdomain network, I care a little more about the presentation of the 'original' network addresses and so had to get a little trickier... (I do have some 'New' gTLDS like .marketing but mostly it .com)
      2) this is forcing https and using original addresses for admin/login
      3) frontend mapping is set to 'disabled' in order to avoid any weird errors as it doesn't currently work (at least with https) anyways
      4) don't forget to update to use your domain name if you try these :slight_smile:

      <IfModule mod_rewrite.c>
      Options +FollowSymLinks
      RewriteEngine On
      # begin remove www from all urls
      RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
      RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
      # end remove www from all urls
      # begin .com custom mapping
      RewriteCond %{HTTP_HOST} ^([^.]+)-secure-1\.tivism\.com [NC]
      RewriteCond %{REQUEST_URI} !^wp-(admin|content|includes) [NC]
      RewriteCond %{REQUEST_URI} !wp-login\.php [NC]
      RewriteCond %{QUERY_STRING} !preview=true [NC]
      RewriteRule ^(.*)$ https://%1.com/$1 [R=301,L,S=2]
      # end .com custom mapping
      # begin .net custom mapping
      RewriteCond %{HTTP_HOST} ^([^.]+)-secure-2\.tivism\.com [NC]
      RewriteCond %{REQUEST_URI} !^wp-(admin|content|includes) [NC]
      RewriteCond %{REQUEST_URI} !wp-login\.php [NC]
      RewriteCond %{QUERY_STRING} !preview=true [NC]
      RewriteRule ^(.*)$ https://%1.net/$1 [R=301,L,S=1]
      # end .net custom mapping
      # begin .org custom mapping
      RewriteCond %{HTTP_HOST} ^([^.]+)-secure-3\.tivism\.com [NC]
      RewriteCond %{REQUEST_URI} !^wp-(admin|content|includes) [NC]
      RewriteCond %{REQUEST_URI} !wp-login\.php [NC]
      RewriteCond %{QUERY_STRING} !preview=true [NC]
      RewriteRule ^(.*)$ https://%1.org/$1 [R=301,L]
      # end .org custom mapping
      # begin author profile redirect
      RewriteRule ^author/ https://%{HTTP_HOST}/ [R=301,L]
      # end author profile redirect
      # BEGIN WordPress
      RewriteBase /
      RewriteRule ^index\.php$ - [L]
      
      # add a trailing slash to /wp-admin
      RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
      
      RewriteCond %{REQUEST_FILENAME} -f [OR]
      RewriteCond %{REQUEST_FILENAME} -d
      RewriteRule ^ - [L]
      RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
      RewriteRule ^(.*\.php)$ $1 [L]
      RewriteRule . index.php [L]
      </IfModule>
      # END WordPress

      I included the stock rules for reference in case anyone tries adapting this w/ little experience (on that note, I'd point out that the above are a work in progress and have several 'rough edges')...

      Anyone have comments/improvements/alternatives?

      Looking forward more domain mapping awesomeness from Sam, hopefully soon :slight_smile:

      Cheers,
      Max

      • wp.network

        a few quick notes:
        1)some improved code for my subdomain setup:

        #Example of frontend mapping blocks
        RewriteCond %{REQUEST_URI} !^/?wp-(admin|content|includes|login) [NC]
        RewriteCond %{HTTP_HOST} ([^.]+)-secure-1\.tivism\.com$ [NC]
        RewriteCond %{QUERY_STRING} !preview=true [NC]
        RewriteRule ^(.*)$ https://%1.com/$1 [R=301,L,S=1]
        #My https catch-all
        RewriteCond %{HTTPS} !=on
        RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

        2) I haven't tested this, but thought I'd write down a thought on how to easily work with subdomains if you don't mind the look of the urls... this should work similar to the subdirectory version above - basically encoding the desired mapped domain into the subsite address :slight_smile:
        Network: mapped-com.primary.com
        Mapped: mapped.com

        RewriteCond %{REQUEST_URI} !^/?wp-(admin|content|includes|login) [NC]
        RewriteCond %{HTTP_HOST} ([^.]+)-([^.]+)\.[^.]+\.[^.]+$ [NC]
        RewriteCond %{QUERY_STRING} !preview=true [NC]
        RewriteRule ^(.*)$ https://%1.%2/$1 [R=301,L,S=1]

        Cheers, Max

  • wp.network

    :slight_smile: there is so much htaccess code in this thread, its kinda nuts...

    I have introduced a control for 'www' into my subdomain rules, placing the following above the other custom mapping blocks...

    RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
    RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

    it seems to play nice, as long as CloudFlare dns is setup correctly.

    I am now going to look at @Sybre's admin bar fix mentioned above, will then take a final look at what I have going on and then repost a streamlined subdomain rule set as a new thread for critique :slight_smile:

    Cheers, Max

  • wp.network

    Just a little update:

    I wanted to explicitly mention the (likely associated) issue that when a domain is mapped to force frontend mapping using https protocol (or force no scheme) then the site's permalinks are are using only http

    In working with this, I've come to think that the frontend mapping option setting (forced to mapped, allowed as entered, etc.) should be displayed - on subsite DM settings, and network DM settings Mapped Domains tab - after being setup... its cumbersome to remember off-hand...

    Cheers, Max

    (also, while the TIVISM project is still active, obviously, our profile here has changed to PortlandWP)

  • Vinod Dalvi

    Hi Max,

    The beta version of Domain Mapping that Sam put up in @Sybre's SSO thread a few days ago is great and addresses a number of issues... really awesome progress!

    I thought I'd just mention that I had been testing it, and really noticed a lot of fixes and thanks for that :slight_smile:

    Also, thought I'd include the htaccess code that I've worked out to use for the time being in order to force frontend domain mapping in case it can be useful to anyone, and to show the work that has gone in to dealing with this bug...

    Glad the beta version of the Domain Mapping plugin is working for you.

    Thanks for sharing your work here and i hope it would be helpful for others.

    Please advise if you have more questions.

    Happy New Year...!!!

    Thanks,
    Vinod Dalvi