WPMU and Let's Encrypt

Our host gave us a rewriting rule to allow Let's Encrypt to work properly with WPMU (I believe it's for the domain validation so renewals would work). This rule works well, but every time we create a new site, we have to edit the .htaccess file.

Here are the provided rules.

RewriteCond %{HTTP_HOST} ^vitreriemorin.ca [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)$ https://www.vitreriemorin.ca/$1 [L,R=301]
RewriteCond %{HTTP_HOST} ^constructionbrunocouture.ca [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)$ https://www.constructionbrunocouture.ca/$1 [L,R=301]

As you can see, it's repeating for every site, so every time we create a new site, we have to edit the .htaccess file, copy paste the rule and its conditions to finally rename the domain name.

Without this rule, the site won't load over HTTPS.

Does anybody know if we could have the rule once and apply it to all domains? It's always the same URL syntax, no exceptions.

Kind regards,

  • Dimitris

    Hello there Vince,

    hope you're doing good today! :slight_smile:

    These rules are for the mapped domains of your multisite, correct?
    Each set of these rules is relative to the mapped domain and I think that there's no workaround for this, especially after your hosting provider said that.

    What you could do is to build a custom plugin, so when you map a new domain that already has a Let's Encrypt certification installed, this plugin edits the .htaccess file and automatically adds the proper snippet. Such implementation surpasses the scope of our support though, so I'd rather advise to contact your hosting provider about it, in case they could build it and add it in their workflow, or hire a developer to custom-make this for you (for this, you can also take advantage of our partnership with Codeable: https://premium.wpmudev.org/partners/)

    Warm regards,

  • Vince

    Thank you splaquet and Dimitris,
    That's what we wanted to know, we do not expect you to modify the files yourselves. For the addon domains, that is exactly what we are doing at the moment, there are no subdomains. It's a regular addon domain method right? Unless we missed something in the post.

    We wondered if there was a dynamic variable we could use in the rules such as %{HTTP_HOST} so it would be needed only once. Let me know about this.

    Something like this maybe? (just guessing)

    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]

    If it's impossible, we can customize our own optimization plugin to append the rules into the .htaccess every time we have a new website. It's a good idea and I don't see any other way to make it cleaner unless anybody knows one.

    Kind regards,

  • Nastia

    Hello Magik Web

    I trust you're doing well!

    I am not an expert, but yes you could use {REQUEST_URI} to get the URL

    RewriteCond %{HTTP_HOST} ^{REQUEST_URI} [NC]
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    This article has some useful information:

    Also please contact your host and ask if they can provide such rules for you that will work on their server :slight_smile:

    Have a good day and take care!


  • splaquet

    Magik Web,
    For the addon domains, that is exactly what we are doing at the moment, there are no subdomains. It's a regular addon domain method right? Unless we missed something in the post.

    That depends... are you creating the Add-On domains within the same cPanel account or are they being made on a third party cPanel account, with the A record pointing to your multisite? I'd assume that's not what you're referring to. So, back to my explanation.

    When you create an add-on domain within the same cPanel account, *it does* create a subdomain. So, even though creating an add-on domain creates a new DNS record, purely for addondomain.com, it also creates a subdomain in your originaldomain.com. If you look into the DNS for originaldomain.com, you'll most likely see addondomain.originaldomain.com there. *THAT* is why Apache has its hiccup (from what I've gathered from cPanel support).

    For example, if you created an add-on domain for 'addondomain.com', it'd typically create a sub-folder in your /public_html/addondomain.com (or possibly /addondomain)

    So, as I mentioned in my first post... if you create an add-on domain, to your originaldomain.com, with addondomain.com... you'd want to *not* accept the default subdomain that cPanel creates for you.

    if you reference my screenshot from above... call the subdomain *anything* that makes sense to you (as long as it isn't addondomain.com or addondomain), and I do believe that you're going to find the solution that you seek :slight_smile:

  • Vince

    Thanks again everyone!
    Nastia, I cross my fingers that a rule like yours will work. We're going to test it out with our host (SiteGround) and see how it goes.

    splaquet, I think I understand what you mean. The root domain is magikweb.net, so every addon domain adds a subdomain to it. See attached files. We will test it out if the global dynamic rule doesn't work out. If it's causing an issue, do you think that deleting the respective DNS entries would solve it? Or it's a cPanel internal issue?

    Kind regards,

  • splaquet

    i worked on trying to figure this out for a few days with cpanel support staff. they said that it's actually an Apache thing.

    i might be totally off... but having a better understanding of how things work now, it'd make sense to me why/how having 2 httpd/DNS entries for addondomain.com would create an issue. actually... the part where it started making sense was when i started using addondom as the addon/subdomain folder... even though you remove that folder anyhow (redirecting the addon to primarydomain.com

  • splaquet

    Yeah, I noticed (or rather, didn't notice) the attachments... but I've been down this road before. I've helped out about a dozen folks on here for pretty much the same thing. I've actually tried to have the WPMU folks modify their guide, (like a: If you plan on using a sub-domain install, click here for SSL setup) ...but I don't think enough folks run down this road.

    Anyhow, your screenshots confirmed my assumption. (Because your primary domain is showing the add-on domain, as the sub-domain)

    I'd highly suggest that you try this:
    - remove your add-on domain
    - recreate the add-on domain, but follow my step above (don't use the same name/words/letters for the subfolder, as is the add-on domain. If your add-on domain is accivie.com, use something like /acciviesub. You can use anything really, other than verbatim of what is before the period of accivie.com)
    - you should be all good.

    Hope that helps! I realize that it might not make much sense... but life doesn't always either

  • Vince

    For people having the same issue as us, here is what worked in the end if it can help anybody.

    RewriteCond %{HTTP_HOST} ^(?!www\.).*$ [NC]
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [L,R=301]

    This allowed https://domain.com to be redirected to https://www.domain.com.
    Warning: All your sites must start with www for this to work, since it checks for its absence.
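
Added example (not part of the thread, and not the host's or WPMU DEV's code): a simplified Python model of the final rule set above, for checking which host/URI pairs receive the 301 and which DCV files are served in place. It assumes a docroot-level .htaccess and uses Python's `re` as a stand-in for Apache's regex engine; every host and path below is constructed.

```python
import re

# Conditions copied from the final rule in the thread.
# The host condition carries [NC]; the REQUEST_URI conditions do not.
HOST_COND = re.compile(r"^(?!www\.).*$", re.IGNORECASE)
# Each of these appears negated ("!") in the rule: a match means "do not redirect".
EXEMPT_URIS = [
    re.compile(r"^/[0-9]+\..+\.cpaneldcv$"),
    re.compile(r"^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$"),
    re.compile(r"^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$"),
]


def redirect_target(host, uri):
    """Return the Location the rule would send, or None if it does not fire."""
    if not HOST_COND.search(host):
        return None  # Host already starts with "www."
    if any(p.search(uri) for p in EXEMPT_URIS):
        return None  # Validation file: left alone so the CA can fetch it
    # In .htaccess context the pattern sees the path without its leading slash.
    return "https://www.%s/%s" % (host, uri[1:])


TOKEN = "A1B2C3D4" * 4  # constructed 32-character uppercase hex name

# Constructed requests covering the normal case and the edge cases.
SAMPLES = [
    ("domain.com", "/about/"),
    ("www.domain.com", "/about/"),
    ("WWW.domain.com", "/about/"),                    # [NC] on the host test
    ("domain.com", "/1234.example.cpaneldcv"),
    ("domain.com", "/" + TOKEN + ".txt"),
    ("domain.com", "/.well-known/pki-validation/" + TOKEN + ".txt Comodo DCV"),
    ("domain.com", "/" + TOKEN.lower() + ".txt"),     # lowercase hex is not exempt
    ("domain.com", "/.well-known/acme-challenge/x"),  # path not in the exemption list
    ("blog.domain.com", "/"),                         # non-www subdomain gets a www. prefix
]


def audit(samples=SAMPLES):
    """Map each (host, uri) pair to its redirect target, or None."""
    return {(h, u): redirect_target(h, u) for h, u in samples}


if __name__ == "__main__":
    for (h, u), target in audit().items():
        print("%-16s %-50s -> %s" % (h, u, target or "served in place"))
```
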
