How can I redirect to https when using Wordpress?

Question

I'm trying to use .htaccess to redirect al http:// pages to https:// . I can do it with regular pages without issues by using the codes available at Apache site, but I'm having problems with doing the same when using WordPress.

I tried the question here, but it didn't help me.

Here's the code I'm using:

# BEGIN WordPress
<IfModule mod_rewrite.c>

RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://example.com/$1 [R,L]

RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

and I'm getting this message:

The webpage at https://example.com/ has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.

I also tried this answer at Stack Overflow, with the same result. I obviously cleaned cache and cookies to see if that was the issue, tried different browsers and even different computers, modified the code as much as I could, but I simply gave up, so I'm looking for help.

What am I doing wrong here? Any help extremely appreciated

EDIT: While I solved the issue, I have found there was an additional problem I wasn't aware of, and that was the main issue. The site owner has installed WordPress HTTPS Plugin without my knowledge and I didn't notice it (my bad). This, added to the DB changes I had to do and some persistent cache issues were causing the site to go berserk.

So, this is what I did:

• 1) In Settings > General > WordPress Address (URL) changed the http... address to https
• 2) In Settings > General > Site Address (URL) changed the http... address to https
• 3) Used lxg DB changes suggestion
• 4) Deleted WordPress HTTPS Plugin
• 5) Created Permalinks again (just to create a new .htaccess file)

Bam! Works like a charm.

Just a warning: this broke the site because I was serving files from CDN like JQuery, Bootstrap and such, so they were rejected as secure connections. I just had to host the files in my server and now everything works as expected.

Hope this helps someone, I sure know I almost went crazy!

Answer 1

You can also use the ssl-insecure-content-fixer to fix any jquery errors. If installed on a multisite setup must be individually activated on each subdomain.

Answer 2

The problem is that WordPress stores the base URLs in the database, too, and tries to redirect to them. You must update these fields, too.

This is usually done in the administration area, but when redirect are active, you usually can't reach it. Therefore, you can do it with a simple DB query.

First, check the old values … in case something goes wrong. (Note: I assume that your table prefix is the default wp_.)

SELECT * 
FROM wp_options
WHERE option_name IN ('home', 'siteurl');

This should give you something like:

+-----------+-------------+------------------------+----------+
| option_id | option_name | option_value           | autoload |
+-----------+-------------+------------------------+----------+
|        37 | home        | http://www.example.com | yes      |
|         1 | siteurl     | http://www.example.com | yes      |
+-----------+-------------+------------------------+----------+

If both option_values are equal (which they are in 99% of all WP installs), you can simply update them to the new URL with one query, as seen below. Otherwise, update them separately.

UPDATE wp_options
SET option_value = 'https://www.example.com' 
WHERE option_name IN ('home', 'siteurl');

Now you should reach your WP install via the new URL.

Another problem is when posts or other settings (e.g. by plugins) contain the old URL.

This should be handled properly by WordPress – but: (a) each call to the old URL is a unneccessary call to the webserver, and (b) it will needlessly redirect the user to use an unsecure URL.

For this problem, there's no simple hack, but you need to search and replace in your DB. I have had good (yet not always perfect) results with DB search/replace. When using it, be sure to make a backup of the DB – although it is a stable tool, the things it does are prone to causing errors.