Please advice needed SSL .htaccess
-
Hi everyone, I recently installed verisign ssl. the idea to have page https://example.com
all redirect from non-http to https work properly, but in IE whenever smbdy types https://www.example.com it shows the red screen with invalid certificate. If you click "proceed" - everything goes to normal page and on server redirect www to non-www seem to work fine. Is there way to get rid of the warning? Is it server or certificate issue?
Here is the peice of code from htaccess. Please, advice needed!
RewriteEngine On
RewriteBase /RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L]
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
Thanks in advance
-
Like I thought, you need to buy another certificate for https://www as it is considered another domain in modern browsers.
Thanks to all for responses
-
Thank you all guys, but Certificate installed correctly. I verified it several times with server administrator and VeriSign.
We have problems with intermediaries before but we fixed them.
As I understand the certificate is issued for "https://example.com", so whenever somebody types "https://www.example.com" it shows that certificate is not valid for this domain.
I am just about to find out, calling VeriSign
-
Thank you all guys, but Certificate installed correctly. I verified it several times with server administrator and VeriSign.
We have problems with intermediaries before but we fixed them.
As I understand the certificate is issued for "https://example.com", so whenever somebody types "https://www.example.com" it shows that certificate is not valid for this domain.
I am just about to find out, calling VeriSign
-
I wouldn't install the certificate to get around this problem. In fact, that could make things harder to fix because your browser has now been fixed but everyone else get a scary SSL error that drives them off. Your end user will not know how to install a certificate, nor should they need to.
You either need to fix this in Apache or your control panel software (if you use one).
-
It definitely sounds like your certificate is not installed correctly. I wouldn't worry about the htaccess until you have the SSL version working properly.
Something you might have missed is an intermediate certificate (sometimes called a CA certificate). That helps the end user browser validate the signature. I don't use Verisign so I don't know if they use one, but other SSL providers I use do.
-
Serge,
It sounds like the certificate is not properly installed on the server. The steps to install a Verisign SSL certificate are (from memory):
-
generate a CSR from your server. The method to do such varies based on your hosting setup. If you use WHM, there is an option within the panel. If none of this makes sense, contact your web host for guidance.
-
Verisign will provide you with the key. This key then needs to be installed on your server. You can do this via WHM or contact your web host provider.
-
Verisign has a tool which verifies the certificate has been properly installed. If the certificate is installed correctly, users will not see the warning you mentioned in IE nor any other browser.
-
htaccess is not related to the above process. What the change in htaccess allows you to do is ensure visitors can only view your site in https://
-
once the above is complete, you will want to review your code to ensure all images and other objects are presented only in https on secure pages. If you skip this step, users will receive a "not all items on this page are secure. Do you wish to view the unsecure objects" error.
-
now you can add your Verisign trust badge to your page(s)
Good Luck.
-
-
Thanks Harald. It is not about me, I don't want my visitors to run to the screen like that. I know that Bank of america had a problem like that, they fixes it.
Some other top websites still run like that on https
One friend today told me that you need to buy additional Certs or smth like that. I never worked with SSL before so this is smth that I need to find out.
I will call Verisign tomorrow and post here what they say
-
Hi Serge, First of all I want to SSL error is about the the certificate issue error & not of the server error.here I'm defining you the steps to fixed the error:
FIXED: Here’s how I fixed this problem (you do not need to buy or install any 3rd party certificates or software), the certification error is nothing to worry about. You can fix the error by following these steps:
1. Navigate to the page where you are presented with the Certificate Error and click on “Certificate Error” in the Address bar
2. Click on “View Certificates”
3. Click on “Install Certificate” and then Next
4. Select “Place all certificates in the following store” and click on Browse
5. Select “Trusted Root Certificate Authorities” and click on OK and then Next and Finish
6. Click on Yes and OK if you are asked whether you would like to install the certificate
7. Click on OK twice to exit windows and close and then open Internet ExplorerYou should no longer get the Certificate Error.
You can get more detailed information about how to fix this problem fromhttp://www.ubishops.ca/faqs/Cert.htm or http://www.brightvisions.co.uk/Secondly, the piece of code from htaccess ,Sometimes you may need to make sure that the user is browsing your site over securte connection. An easy to way to always redirect the user to secure connection (https://) can be accomplished with a .htaccess file containing the following lines:
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]Please, note that the .htaccess should be located in the web site main folder.
In case you wish to force HTTPS for a particular folder you can use:
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteCond %{REQUEST_URI} somefolder RewriteRule ^(.*)$ https://www.domain.com/somefolder/$1 [R,L]The .htaccess file should be placed in the folder where you need to force HTTPS.
I hope that your query had been solved.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Advice for rapidly declining ranking-- can an old indexed sitemap cause this?
Hi Everyone, Today, I woke up to a dramatic page rank decline (nearly 20 positions) for a client's website (eacoe.org). When I looked in Webmaster tools, I noticed that the site was just indexed yesterday by Google (a request that the webmaster had submitted back in April of this year). Would this re-indexing event have caused the sharp decline? In Webmaster Tools, I don't see many errors (one 404 error that we are planning on fixing). I likewise see no Manual Actions/ penalties brought up by Google about our site. My first concern is that the re-indexing led to rank decline, but I'm not entirely sure if I should be focusing on something else. And if it is the re-indexing, what are there any recommended steps of attack? Thanks for your help! -Bruce
Technical SEO | | dynedge0 -
Spammers created bad links to old hacked domain, now redirected to our new domain. Advice?
My client had an old site hacked (let's call it "myolddomain.com") and the hackers created many links in other hacked sites with links such as http://myolddomain.com/styless.asp?jordan-12-taxi-kids-cheap-T8927.html The old myolddomain.com site was redirected to a different new site since then, but we still see over a thousand spam links showing up in the new site's Search Console 404 crawl errors report. Also, using the links: operator in google search, we see many results of spam links. Should we be worried about these bad links pointing to our old site and redirecting to 404s on the new site? What is the best recommendation to clean them up? Ignore? 410s? Other? I'm seeing conflicting advice out there. The old site is hosted by the client's previous web developer who doesn't want to clean anything up on their end without an ongoing hosting contract. So beyond turning redirects on or off, the client doesn't want to pay for any additional hosting. So we don't have much control over anything related to "myolddomain.com". 😞 Thanks in advance for any assistance!
Technical SEO | | usDragons0 -
Deal with links that need login to view
Hi All, Deal with links that need login to view We have member names in the site in many places and when clicked it takes the user to the login page As just logged in members can view the details The redirection type is 302 and Moz Campaign says we have many and need to make them 301 What is the best way as we have a drupal website Thanks
Technical SEO | | mtthompsons0 -
Need very urgent advice on Wedsite Migration questions please.
Good afternoon, I am in the middle of re branding my Computer Repair Business that has been established for the past 5 years now and does very well in GOOGLE for all things computer repair search related queries. I have a done tons of research on the Migration process and all elements involved for the past month now and I have been doing SEO for the past 5 years and am quite knowledgeable and very fluent with search engine optimization. I have a bit of a unique situation going on in my particular instance. Not only am I re branding the business and trying to maintain my GOOGLE rankings trying to pull this off at the busiest time of the year (summer months) but I am also going to be physically relocating my business after the busy (Summer Season) from my current location of Wilmington, NC to Charlotte, NC. Yes, I do understand that Winter would have been the best (time) to do all of this massive changing around but, my hand is forced and this is being done out of necessity for monetary survival purposes and I really have no choice in the matter currently! With that said here is my dilemma. I am setting up a SILO Site Architecture using the "Thesis Framework" and WordPress which will be an improvement by 5 fold of what I have in my current well established JOOMLA site that has done very well in GOOGLE Search these past 5 years (all first page results) for anything (Computer Repair) related in Wilmington, NC. So, I am trying run damage control on this situation and I have a number of questions that need a strategic well thought out answer from a different perspective on this matter. 301 Redirect question: I want to include my geo targeted location in my URL String as it has served me well in the pass however, seeing how I am going to be Physically relocating myself and the business to Charlotte, NC from my current location of Wilmington, NC after the summer months what will I need to take into consideration with this situation in regards to the 301 redirect? _ "If I include my current location (Wilmington NC) in the destination (New Domain) URL string for any given 301 redirect from my existing website to the new website and then physically move to another city 3 months later is this setting myself up for a BIG Failure??"_ Seeing how I have no idea of how this technically works with GOOGLE as far as how long this (migration process) takes to Fully complete where the OLD domain completely drops off and everything is Fully passed over to the New Domain in terms leaving the 301 Re directs in place on the Old Domain Server. How long does this process usually take with GOOGLE? Information that you should know: This is my First Experience doing a Site Migration! The NEW DOMAIN is on a Different Server and IP I will be performing 301 Redirects on a Page to Page Basis! I DO plan on keeping the Old Domain Server Account online for 4 months after the migration process. Both OLD and NEW domains are on HOST GATOR (separate accounts) I am Migrating from JOOMLA to WordPress I am using the Thesis Framework for the new WordPress site (New Domain) I have created and established a well thought out SILO Site Architecture for the (NEW DOMAIN) using Parent and Child Pages in WordPress (not posts) supported by many hours of keyword research for my SILO Themes I am changing My Existing /computer-repair.hml URL Structure to WordPress **/computer-repair/ ** remember.. (using WP - Pages) not posts! I am re branding my Company business from Community Computer Repair to PC Medics On Call I am reducing my on page Content because it is too long in the Tooth for my customer base and although the search engines love it, in it's current state (long winded and well written) it is having a negative effect on the people that actually pay my bills (my customers) but my new Site Hierarchical Structure will rectify a lot of the negative fall out from this change that would otherwise kill me in the search rankings from doing this. In addition to being an proficient SEO I am also a developer and a coder. The New Domain is Currently ALLOWING only my IP Address while I sort this out and until I complete the new site structure and get the content and ON Page done. For the Destination Domain URL Structure, is including my current City (Wilmington NC) going to be an issue with the 301 Redirects seeing how I am moving to Charlotte NC around September? Having the Geo Targeted City in my URL Structure will help offset some of the damage caused by the changes that I need to make. Plus, the URL looks less spammy looking at the examples below when icluding location after the keyword phrase **Example -1 - ** VIRUS REMOVAL SILO With GEO Targeted Location after Keyword http://www.pcmedicsoncall.com/virus-removal-wilmington-nc/malware-removal/ Without - GEO Targeted Location after Keyword http://www.pcmedicsoncall.com/virus-removal/malware-removal ** Example -2 -** COMPUTER REPAIR SILO With GEO Targeted Location after Keyword http://www.pcmedicsoncall.com/computer-repair-wilmington-nc/laptop-repair/ Without - GEO Targeted Location after Keyword http://www.pcmedicsoncall.com/computer-repair/laptop-repair/ As far as the potential problems with icluding the Wilmington NC in the Targeted URL destination for the 301 Redirect and then changing my Actual City location for the business 2 1/2 - 3 months later is this going to be an issue? Pertaining to the 301 redirect question above, how exactly would I handle this if I used Wilmington, NC after the Keyword when I initiate the 301 Redirect to the site? Can I later change this in the OLD Domain .htaccess 3 months later to reflect the Charlotte Location and also do the necessary 301 Redirect in the NEW DOMAIN to reflect the permanent move? I hope I have not confused this any by the way that I am asking? Here is a screen shot of the NEW DOMAIN layout for the Links below and above. NOTE: Currently, ALL Silo Menu Themes have - wilmington-nc/ incorporated after the targeted Keyword http://www.pcmedicsoncall.com/virus-removal-wilmington-nc/malware-removal/ http://www.pcmedicsoncall.com/virus-removal/malware-removal SEOMOZ-PC-MEDICS-ON-CALL-1.jpg SEOMOZ-PC-MEDICS-ON-CALL1.jpg
Technical SEO | | MarshallThompson310 -
Do I need Redirects?
I've recently changed my old static website to a WordPress one. I'd like to know what do do (if anything) about my old links. For example a page on my old site was: www.iainmoran.com/corporate-magician.html - now I'm using WordPress, the url is:
Technical SEO | | iainmoran
www.iainmoran.com/corporate-magician/ My question is, do I need to set up redirects on these old pages (which no longer exist or will Google eventually re-crawl my site and update the links themselves? I'm using the Yoast SEO Plugin for WP and it creates a sitemap, which of course will have my new pages on. But don't want Google to penalise me for having broken links, etc. Many thanks, Iain.0 -
.htaccess: Multiple URLs catches filename
Hi, I have the following line in my .htaccess:
Technical SEO | | rasmusbang
RewriteRule privacy stdpage.php?slug=privacy [L] So if you go to the www.mysite.com/privacy it takes the stdpage.php with the argument above. But if you go to www.mysite.com/privacysssssssss catches the same file. How can I prevent this? It will give me multiple URLs with the exact same content. I have a 404 page which i would like to show instead when the match is not 100%. -Rasmus0 -
Remove a directory using htaccess
Hi, Can someone tell me if there's a way using htaccess to say that everything in a particular directory, let's call it "A", is gone (http 410 code)? i.e. all the links should be de-indexed? Right now, I'm using the robots file to deny access. I'm not sure if it's the right thing to do since Google webmaster tools is showing me the link as indexed still and a 403 error code. Thanks.
Technical SEO | | webtarget0 -
What code do I need to remove Comments Rss from Wordpress?
Guessing I need to put something in functions.php file to remove site wide the "Comments Rss" link under "Meta" in sidebar?
Technical SEO | | bozzie3110
