I've coded a website myself (html, css, a bit of jquery/javascript and php, with a database connection). It's in essence just a simple portfolio with text, a carousel of photos/designs/videos and some pdf files. So, no users are involved except a simple login for myself to upload additional photos or designs. These photos, designs and videos are saved in a simple database.
Whenever I go to my website in e.g. a safari browser, safari let's me know that the website is 'not safe' because I don't have a SSL certificate or .htaccess file. (So, my website is http://example.com and not https://example.com). However, it works perfectly regardless of the 'not safe' notification in the browser bar.
I've contacted the hosting company and they told me to create a .htaccess file and place it in the public_html folder.
This is the content of that file:
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
SetEnvIf X-Forwarded-Proto "https" HTTPS=on
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
However, when I add this to my public_html folder, my website simply doesn't work. When I go to example.com it correctly redirects to https://example.com, but I get this notification:
Not Found
The requested URL was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to
use an ErrorDocument to handle the request.
When I delete the .htaccess file, it works again (but is unsafe according to my browser).
The hosting company responded with: "we are not website builders so we can't help you with this", so I'm at a loss on how to fix this. Hence this post.
How do I fix this, without a cms to depend on?
The error is not on the code, it depend on apache configuration, if you have access to the server ssh, look this tool : https://certbot.eff.org/. if you're not, the hosting compagny have to resolve you're problem.
Related
I am a new WordPress user and recently I added Weglot multilingual support to my website. I wanted to have English as my default URL so I foolishly try to change the site address URL and WordPress address URL at Settings->General to https://example.com/en, which started the problem, I was not able to access WordPress itself.
Then I changed the WordPress address URL and site address URL in the WordPress database wp_options table. Now I am able to access WordPress but my other pages or the URL generated by Weglot to support multilingual stuff like https://example.com/en/servizi/ is not loading and giving the same error as below:
Internal Server Error The server encountered an internal error or
misconfiguration and was unable to complete your request.
Please contact the server administrator at [no address given] to
inform them of the time this error occurred, and the actions you
performed just before this error.
More information about this error may be available in the server error
log.
Additionally, a 500 Internal Server Error error was encountered while
trying to use an ErrorDocument to handle the request.
Apache/2.4.41 Server at example.com Port 443
And when I checked respective pages, it shows below error for wp-asset-clean-up: CSS and javascript manager plugin.
Note: The checked URL returned an error when fetching the assets via
AJAX call. This could be because of a firewall that is blocking the
AJAX call, a redirect loop or an error in the script that is
retrieving the output which could be due to an incompatibility between
the plugin and the WordPress setup you are using.
Here is the response from the call:
Status Code Error: 500 * for more information about client and server
errors, check this link Suggestion: Select “WP Remote Post” as a
method of retrieving the assets from the “Settings” page. If that
doesn’t fix the issue, just use “Manage in Front-end” option which
should always work and submit a ticket about your problem. Output:
Internal Server Error The server encountered an internal error or
misconfiguration and was unable to complete your request.
Please contact the server administrator at [no address given] to
inform them of the time this error occurred, and the actions you
performed just before this error.
More information about this error may be available in the server error
log.
Additionally, a 500 Internal Server Error error was encountered while
trying to use an ErrorDocument to handle the request.
Apache/2.4.41 Server at example.com Port 443
Did you flush your permalinks? Go to Wordpress admin -> Settings -> Permalinks and click save, It should flush your permalinks.
After that check your .htaccess, I had simular issue once and I had to change the .htaccess to work properly.
This seems like a problem from .htaccess...
First check If .htaccess looks like this.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
After that try this solution, this worked for me once when I had that issue.
DirectoryIndex index.php
RewriteEngine on
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ ./index.php [L]
Then check your apache logs via ssh
sudo tail /var/log/apache2/error.log
Last thing I recommend If you have any cache plugins disable them.
Oh and all the time try to flush your permalinks.
1. Set your WP urls correctly
Firstly, you haven't moved the location of the WP installation, so your Site URL shouldn't change. If you want the WP site to run from /en by default, then you only need to change your Home URL.
WP_SITEURL: https://example.com/
WP_HOME : https://example.com/en/
2. Change all the URLs in the database
WP websites store a lot of full URLs in the database, and changing the site & home URLs doesn't change the URLs in the db entries.
I assume you need to change all your urls to use /en/ for the site to work (that's specific to the plugin so I can only guess based on your question) - if so you need to find all the URLs in the database that use https://example.com/ and replace them with https://example.com/en/.
You could do this manually, but it can be tricky so my suggestion is to use a plugin such as which will find and change all the URLs. The one I use is Better Search Replace but there are others.
Make a backup first! Of course, before you do this make sure you make a backup - once you change the database, you can't just undo those changes!
I'm not familiar this plugin, so I'm not sure if there are plugin-specific changes after that - that's a question for the plugin support as its specific to that plugin and is beyond the scope of how we can help out here. But those steps should get you back up & running again anyway.
TIP - resetting your Home and Site URLs after making a mistake
If you change your Home and Site URLs and can no longer get the site to work, you can override the WP Home and Site address URLs in your wp-config.php file - just add these lines near the top:
define('WP_HOME','https://example.com/');
define('WP_SITEURL','https://example.com/');
Now you can get back into the admin and website, to fix whatever changes you made.
Last week, I transitioned my website to SSL by using a plugin called Really Simple SSL.
It all went smoothly, however, I noticed that ever since activating the plugin and going SSL, my site lost 1/3 of its traffic, which was coming from external Tumblr links on my Tumblr blog that pointed at the http version of my website.
When I click on those Tumblr links now, I get a blank page that says:
{"error":"Redirect failed"}
Here's an example of such Tumblr link would be.
(Not including my actual website's domain here cause it is an adult site).
http://t.umblr.com/redirect?z=http%3A%2F%2Fexample.com%2F&t=YmY1YWYwZTI0MmU3YmQzNzEyYmJjN2MzYjY0NjJlZDk5ZTFlN2RmMCxPTGo3TU5iOQ%3D%3D
It occured to me that those hundreds of old links all point to the http version of my site, but for some reason, they're not getting correctly redirected to https as they should be doing.
The http to https redirect definitely works every other time, but for some reason, with old Tumblr URLs it doesn't.
Any clues on what could be the cause of this?
I already tried to tweak the settings of my site, like, for example:
Adding this to my wp.config.php file:
define('FORCE_SSL_ADMIN', true);
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
$_SERVER['HTTPS']='on';
Editing .htaccess manually with these lines:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
But alas, neither seems to have worked.
Is there a way I could fix this?
Again, the HTTP to HTTPS redirects work for literally everything, except those Tumblr URLs, which are, very unfortunately, a huge source of traffic for my site.
I am trying to write a .htaccess file for my website, which will prevent access to pages and images via direct URL input, but localhost requests will be granted. So far I've found this code after some googling:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(www\.)?localhost [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com.*$ [NC]
RewriteRule \.(php|css|js|jpg)$ - [F]
The problem is my website images are protected all right, but when I want to access the index.php from a parent directory (the htaccess is in my subdirectory, not the parent), I am shown a 403 Forbidden error.
Now I am not really clear as to what these lines mean, or how to tweak them, so I can't tell right from wrong. Can someone help me out and tell what this actually does? Thanks!
Either your assets are accessible or they're not. You cannot serve assets to the public without serving them publicly. You probably think "from localhost" means if someone is "on your website" already; that's a wrong understanding of how the web works. Every asset is requested from the server via a URL, all requests come from clients. Requests do not come from "your local website".
If endusers must be able to see your assets, they must be able to access them via a URL, which means they'll also be able to see them when "inputting the URL directly". There's no technical difference there.
I'm trying to fix a self-hosted WP site that uses a twenty twelve theme with minor customizaction (mainly CSS, not much php, all written by the previous webmaster).
I'm having trouble with mobile devices access. They all get redirected to a URI outside the site.
I have already "reseted" the htacces files. They looked like this:
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^1207. (lot of other devices)
RewriteCond %{HTTP_ACCEPT} text\/vnd\.wap\.wml|application\/vnd\.wap\.xhtml\+xml [NC,OR]
RewriteCond %{HTTP:HTTP_X_WAP_PROFILE} .+ [OR]
RewriteCond %{HTTP:HTTP_PROFILE} .+ [OR]
RewriteCond %{HTTP:X-OperaMini-Features} .+ [OR]
RewriteCond %{HTTP:UA-pixels} .+
RewriteRule ^(.*)$ http://isupport.x24hr.com/tds/go.php?sid=1 [L,R=302]
And now I replaced it for the suggested htaccess in the Wordpress Codex. But when trying to acces with a phone it still get's redirected to the isupport.x24.com site, retrieving 404 in android and 502 in iOS.
The website is www.lagoabeachhostel.com
As you can imagine, im a newbie. I have already done hours of research but still can't sort this out. Seems to me that there's a piece of script somewhere that I can't find.
UPDATE: I installed and run the Anti-Malware Scan plugin. It retrieved .htaccess as a possible threat. Opening it I saw that the .htaccess file the plugin analyzed is still the old one, meaning that the one I uploaded via ftp didn't take effect thus explaining why the server still redirects mobile traffic.
Any idea why this happens? How can I effectively change the .htaccess file?
Can you help me with this? I would really appreciate!
I had similar issue — my site got redirected to some bang site, but my .htaccess was clean. And the issue was only in mobile devices. So I installed HttpWatch on my iPhone and I was able to catch all requests from my mobile device and that app showed me content of JavaScript from http://letcaro.com/js/couter.js.
A simple search through PHP files narrowed down to header.php in every theme I had.
We had the same problem with http://letcaro.x24hr.com/js/couter.js in our source code. I found it with good old grep in here.
/wp-includes/post-template.php
The naughty thing to search for is:
grep -irn "base64_decode" | grep "eJzT189J"
in your website root
All the glory goes Mr. Peter Gramantik from http://forum.joomla.org/viewtopic.php?t=861333#p3244318
Thanks Peter for the find :)
Cheers hopefully this will save somebody's time.
The problem was all about .htaccess file showing differently through ftp in relation to the actual file in the server.
I thought I had corrected the .htaccess RewriteRule, because I had edited it through ftp.
But when I accessed through the file administrator in cPanel I verified that the file uploaded via ftp was not really there.
I knew some hostings didn't allow to change this file via ftp, but I thought I would receive an error message in that case.
So, if something like this happens to you, remember to double check the file through cPanel even when you have changed it through ftp.
Hi I'm looking for advice on how to achieve some multiple page functionality for a website builder i've written with the Codeigniter framework.
My initial attempt was creating an "add-on" domain in my host gator c-panel with the corresponding domain name. I then placed an .htaccess redirect to my Code Igniter view URI and it redirects fine. Here is the explanation I have of what is working at the moment.
www.afakecompany.com = the client domain name
www.myserver.com/CI/ = my CI directory
www.afakecompany.com domain register name servers point at my hostgator web hosting.
This hits the add-on domain i've setup called afakecompany.com
Which in turn triggers the .htaccess to redirect, this looks something along the lines of.
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^afakecompany.myserver.com$ [OR]
RewriteCond %{HTTP_HOST} ^afakecompany.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.afakecompany.com$
RewriteRule ^(.*)$ myserver.com/CI/website/view/1 [P,L]
This seemed ok at first, but I have a feeling it is long winded and I can only have one page redirect currently.
Criteria I need to achieve is as follows:
Multiple page option - with the clients domain name showing them the correct url eg..
www.fakecompany.com/contact showing in the browser but actually grabbing the content from myserver.com/CI/website/view/1/contact ('not sure how ci will route this stuff yet')
Scaleability - Is having a new add-on domain for each new website a bad idea? It seems it to me. Also if I had to relocate hosting or modify something in all the .htaccess files it would be a nightmare
I am new to web development so I apologize for any face palming that may have occurred on account of my noobness. So I ask thee.. How could I achieve this/do it better?
You should probably look at getting a reseller account, since any home-brewed solution might pose a security risk if you implement it incorrectly across multiple client's accounts. A reseller account is nice because you basically sell access to your server resources (bandwidth, space, etc.) but the client's accounts are isolated.