New to the community? Start here

Problems with HTTPS plug in/SSL and MarketPress

I am having problems getting a typical wordpress + marketpress + HTTPS plugin combination for a complete ecommerce package.

I got SSL cert done with godaddy onto my virtual server.

my site is:

e-th-er-do-se.com (remove the dashes)

Does anybody know the proper procedure to do this, I am using all the latest versions of these plugins.

Fri, 18 May 2012 4:58:09

Shawn
- The Crimson Coder
- 671 pts: Hero points 624 pts: Rep. points LEVEL 6
Go into the wp_options table and change the option_value for the option_name=’siteurl’ and option_name=’home’ to include “https://” instead of only “http://”. If not already, make sure you add something like the following to your .htaccess file, too:
```
# Force SSL and wwwith or wwwithout

RewriteEngine On

RewriteCond %{SERVER_PORT} !443 [OR]

RewriteCond %{HTTP_HOST} !^example.com

RewriteRule (.*) https://example.com/$1 [R=301,L]
```
aecnu
- WP Unicorn
- 2,863 pts: Hero points 19,444 pts: Rep. points LEVEL 29
Greetings edlikestoboogie,

Welcome to WPMU Dev!,

Shawn’s answer is spot on above and do not forget to add the htaccess addition if you have not already.

Cheers, Joe
edlikestoboogie
- WPMU DEV Initiate
- 53 pts: Hero points 11 pts: Rep. points LEVEL 1
Hi, I’m sorry, I am completely new. How do I edit the wp_options table? do I need a database editor? or can I just go to the “settings” section of my admin sidebar in wordpress?

And I know .htacess is usually a file for password protecting http directories, which one do I edit? Can i use SSH and my bash shell to do it?

sorry again for the newbieness. i just need my shopping cart working badly..
edlikestoboogie
- WPMU DEV Initiate
- 53 pts: Hero points 11 pts: Rep. points LEVEL 1
I don’t clearly underestand so I will reopen thread.
Shawn
- The Crimson Coder
- 671 pts: Hero points 624 pts: Rep. points LEVEL 6
The htaccess edit can be done usually either from your FTP client or within your SSH client. Make sure you put these rules above the normal WP rules, to ensure they play out correctly (it’s processed top-down).

The wp_options table will need to be edited thru a database client. phpMyAdmin is what I (usually) prefer, but the current build (3.5.1) has made simple text edits like this way more complex than they should be and the color coding hosed the SQL editor. Sigh. There’s also Adminer – which is much more manageable and lightweight. If you install one of these DO NOT put it in a folder named the same thing as the zip file. Create a new random name so that it doesn’t put your server at risk if there’s a security hole discovered in it.

In any case, if you’re using a hosting control panel you probably already have one of these installed that you can access thru there.
Shawn
- The Crimson Coder
- 671 pts: Hero points 624 pts: Rep. points LEVEL 6
Oh, and the htaccess file you’ll want to edit is the one at the root of your WP site – beside the wp-config.php file.
edlikestoboogie
- WPMU DEV Initiate
- 53 pts: Hero points 11 pts: Rep. points LEVEL 1
Hey shawn,

I checked the wp_options table and both the home and siteurl are set to https://www.mysite.com

Now I edited the .htaccess in the root wordpress directory and made it look like below, but it has broken my site, my browser now claims “too many redirects”, I guess it is looping. Any ideas why it is doing this?:

# Force SSL and wwwith or wwwithout

RewriteEngine On

RewriteCond %{SERVER_PORT} !443 [OR]

RewriteCond %{HTTP_HOST} !^mysite.com

RewriteRule (.*) https://www.mysite.com/$1 [R=301,L]

# BEGIN WordPress

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /

RewriteRule ^index.php$ – [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

</IfModule>

# END WordPress
Shawn
- The Crimson Coder
- 671 pts: Hero points 624 pts: Rep. points LEVEL 6
This is your problem:
```
RewriteCond %{HTTP_HOST} !^mysite.com

RewriteRule (.*) https://www.mysite.com/$1 [R=301,L]
```
The test says “if the domain doesn’t exactly match ‘mysite.com’ then”…the rule says “redirect to http://www.mysite.com”. These are mutually exclusive. They MUST be the exact same domain. Either with the ‘www’ or without the ‘www’.
Shawn
- The Crimson Coder
- 671 pts: Hero points 624 pts: Rep. points LEVEL 6
And if you’re using the ‘www’ version in wp_options, then make sure the htaccess is forcing it TO the www-enabled version.
aecnu
- WP Unicorn
- 2,863 pts: Hero points 19,444 pts: Rep. points LEVEL 29
Greetings,

Thank you again Shawn for popping in here and following up with edlikestoboogie.

Some more rep points sent your way.

What is in my opinion the greatest Database Management software of all time Navicat.

You may want to check it out.

Thank you both for being WPMU Dev Members!

Cheers, Joe
edlikestoboogie
- WPMU DEV Initiate
- 53 pts: Hero points 11 pts: Rep. points LEVEL 1
Thanks Shawn,

Looks like my site e-t-h-er-d-o-s-e.com (without the dashes) is working with HTTPS, wordpress and marketpress, but I still get this message from my chrome browser “There are resources on this page that are not secure” .. How do I get all resources to be SSL secure? My entire site with content should be coming locally from my wordpress, site, I don’t understand.

My other problem is with marketpress, I will open a new thread for that concern.

thanks.
aecnu
- WP Unicorn
- 2,863 pts: Hero points 19,444 pts: Rep. points LEVEL 29
Greetings edlikestoboogie,

You tell that from my chrome browser “There are resources on this page that are not secure” but you do not indicate what resources are not secure?

Do you have image embeds that the URL does not start https://?

Please advise what resources are not secure or if it was indeed images or possibly what the URL is so that we can see for ourselves what resources are not secure.

Cheers, Joe
edlikestoboogie
- WPMU DEV Initiate
- 53 pts: Hero points 11 pts: Rep. points LEVEL 1
Hi Aecnu,

All images are uploaded and referenced using WordPress’ / MarketPress’ upload capability. I am unsure what is unsecure. I will look at the html, but if you can visit my site, and take a look.
edlikestoboogie
- WPMU DEV Initiate
- 53 pts: Hero points 11 pts: Rep. points LEVEL 1
Sorry, I got everything to work by changing my theme to the framemarket theme. all is good now.
Shawn
- The Crimson Coder
- 671 pts: Hero points 624 pts: Rep. points LEVEL 6
The only potentially callable non-secure reference within the current theme appears to be the wlwmanifest, which can be disabled with this in your functions.php file:

remove_action('wp_head', 'wlwmanifest_link');

It’s unlikely to actually cause any problems though.

There are more than a dozen links throughout your site with non-secure URLs, though. You can fix them by modifying the ‘guid’ within the ‘wp_posts’ table. You can do that wholesale with this SQL:

update wp_posts set guid = replace(guid,'http://','https://');

Just run it from phpMyAdmin or whatever SQL editor you use.

If you have links that are within the content of the site, you can use this one:

update wp_posts set post_content = replace(post_content,'http://www.EXAMPLE','https://www.EXAMPLE');

Make sure you replace http://www.EXAMPLE with your real domain name.