0

I have ssl for swellnomore.com, not www.swellnomore.com.

I get a security error when i type https://www.swellnomore.com. Can this be fixed (forwarded to https://swellnomore.com ?

I have this .htaccess in place

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L] 

</IfModule>

# END WordPress

This is redirect www.swellnomore.com to https://swellnomore.com but when I type https://www.swellnomore.com I still get a privacy error.

Lost Sould
  • 127
  • 1
  • 3
  • 13
  • You can redirect, but that does not get rid of the security error the browser displays afaik. – Sumurai8 Jan 04 '15 at 11:38
  • possible duplicate of [URL rewriting for different protocols in .htaccess](http://stackoverflow.com/questions/3634101/url-rewriting-for-different-protocols-in-htaccess) – Sumurai8 Jan 04 '15 at 11:39
  • Not a duplicate , read my question again , Mine is the total opposite way , they want to redirect http to http://www while i am doing the opposite + with https. – Lost Sould Jan 04 '15 at 11:41
  • No, the accepted answer redirects a domain name with `www.` to the same domain name without `www.`. It preserves the protocol it was requested with, so if you request it with https, it will redirect to https. (similary, if you request it with http it will redirect to http, but it should be simple to change this if you want to redirect to https) – Sumurai8 Jan 04 '15 at 12:02
  • I had used that code in my .htaccess but it did not solved my issue , Please check this now http:// www.swellnomore.com www. swellnomore.com https:// swellnomore.com/ these works fine but https:// www.swellnomore.com/ gives the error. I am looking to fix this error – Lost Sould Jan 04 '15 at 12:11
  • You can't. The browser will check the validity of your certificate whenever you try to access `https://www.yoursite.com`. The certificate is not valid, and thus the browser will not establish a connection unless the user interferes. The browser treats this as a man-in-the-middle attack, and rightfully so. – Sumurai8 Jan 04 '15 at 12:13

1 Answers1

1

You get the security error, because the browser must establish a https connection to the server via www.yoursite.com, but the security certificate does not match. The server can only redirect when a connection is established, but the browser refuses to make this connection, because the certificate does not match the domain name!

You can only fix this problem by making sure none of your links direct to https://www.yoursite.com.

Sumurai8
  • 18,213
  • 9
  • 58
  • 88