https on subdomain redirects to main domain; subdomain works without https

Question

I have a website, https://www.example.com and subdomain, https://sub.example.com.

My problem is that whenever I try to visit https://sub.example.com I am redirected to https://www.example.com. But, when I visit http://sub.example.com, I am not redirected.

I have a wildcard SSL cert which should allow me to visit my subdomain with https://. Both sites run WordPress and are hosted with Bluehost. I have tried many solutions as well as contacting Bluehost customer support twice to no avail. I would like to be able to visit both my main domain and subdomain with SSL active.

I have edited the .htaccess file according to the following solutions found here: htaccess redirect domain to https, subdomain to http and www to non-www

# for main domain
RewriteCond %{HTTP_HOST} ^(www\.)?example\.com$ [NC]
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^ https://example.com%{REQUEST_URI} [R=301,L,NE]

# for sub domain
RewriteCond %{HTTP_HOST} ^(www\.)?sub\.example\.com$ [NC]
RewriteCond %{HTTPS} on [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^ http://sub.example.com%{REQUEST_URI} [R=301,L,NE]

https://my.bluehost.com/hosting/help/766

# Custom subdomain .htaccess SSL + WordPress
RewriteEngine On
RewriteCond %{HTTP_HOST} ^subdomain.maindomain.com$
RewriteCond %{REQUEST_URI} !^/subfolder/
RewriteRule ^(.*)$ /subfolder/$1
RewriteCond %{HTTP_HOST} ^subdomain.maindomain.com$
RewriteRule ^(/)?$ subfolder/index.php [L]
# End custom subdomain .htaccess

# Custom maindomain .htaccess WordPress
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^(www.)?maindomain.com$
RewriteRule ^index\.php$ - [L]
RewriteCond %{HTTP_HOST} ^(www.)?maindomain.com$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# End custom maindomain .htaccess

http://www.wpbeginner.com/wp-tutorials/how-to-add-ssl-and-https-in-wordpress/

I have also tried fresh WordPress installs of both the main domain and subdomain with no luck. I'm not sure what else to try. Any help and suggestions would be much appreciated.

Answer 1

Several things to try:

1. First, when you're making changes, use a tool like Webconfs HTTP Header Checker. This way, if your web browser has redirects cached and you make a change that fixes the redirects, the Header Checker won't be fooled. Your web browser, on the other hand, will keep redirecting even after things are fixed, until you clear the cache. Alternatively, you can try a Chrome Incognito window.

2. Instead of using just the one .htaccess file, use one for each site. Assuming example.com is your primary domain, you can set rules for the "root" WP site in the root folder, and you'll set rules for the "subdomain" WP site in the folder where that separate WP install sits - /subdomain.com/.htaccess.

3. Make sure your "root" WP site URL and home URL are both set to the https version. You can do this in a couple of places: in wp-admin of the "root" WP site, go to Settings > General. The "WordPress Address (URL)" and "Site Address (URL)" both need the https. If they are set to http, it will log you out when you click save. Alternatively, you can do this in phpMyAdmin - in the wp_options table, look for the 'siteurl' and 'home' options and make sure they're https rather than http.

4. It sounds like your "root" WP was installed when the site was insecure, running on http. Sometimes it takes more than just updating the site URL and home URL. Try using WP Migrate DB which will do a search-and-replace to convert all instances of your http URLs to https URLs.

5. Once all that is done, if the "root" site still redirects to the non-secure version, you can install a plugin such as WordPress Force HTTPS.