Tag: htaccess

Move WordPress to new domain with full URL redirects

Disclaimer: If you break something, too bad. You’re responsible for your actions. This worked for me.
Take backups of your database and files for both domains!

It’s usually not recommended to switch domains since search engines might take some time or not index your moved stuff at all for some reason. Also, frequent visitors might stop visiting your site and old links might stop working after a while if you let the old domain expire…

But lets say you really want to move the domain.
First, it’s important that you use the same permalink settings on both sites otherwise this will not work.

Ok, lets begin, login to WP Admin.
Go to “Tools” and choose “export”.

Export everything and save it as a XML-file.
Don’t worry about the pictures and stuff, WordPress will download that later automatically.

Now, go to your new site and under “Tools” you’ll see “Import”.

Just import it, it might take a while if your site is huge. Don’t click the button twice.

Is the Import OK?
Good. If not… Well, Google and find out what’s wrong.

If it’s good, then login to SFTP/FTP or whatever and open your “.htaccess”-file on the old server and place this bit of code there:

# BEGIN WordPress

RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.nordicnode\.com
RewriteRule (.*) https://www.nordicnode.com/$1 [R=301,L]

# END WordPress

Replace my domain name with yours by the way. 😉
Hopefully you got it working with the permanent redirects now!

Make WordPress use HTTPS & WWW & block XMLRPC (.htaccess)

A while back I posted some “.htaccess” code to add HTTPS (SSL) and also “www”, in front of the domain name.

I think it’s a mess to work this stuff and too many people on forums and such tend to disagree about the best way to do things, so I can only assume it’s a common problem. Not to mention the different kind of servers and server configs that can screw things up further.

This is the “.htaccess” code that I currently use on WordPress sites

# Force www
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

# Force SSL
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

# Disallow all WordPress xmlrpc.php requests to this domain
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>

As you can see, it’s checking if the URL contains “www”, if not it will add it. Same thing with HTTPS.

Add HTTPS and WWW to WordPress

Last time I posted, I had a “302” redirect on the SSL stuff which was a mistake because “302” is the code for a temporary redirect.

Since Google decided a few years back to pretty much force people over to HTTPS (Ranking factors..) which really is a good idea, but was a pain in the *ss at the time to make the switch if you got plenty of sites.

Anyway, hopefully you’ve got SSL certificates for your domains by now and therefor we’re telling mighty Google that we’ve permanently moved over to HTTPS. So we should change that temporary “302” redirect to a permanent one “301”.

After that comes the regular WordPress “.htaccess” content.

And last but not least. I decided to block all traffic to xmlrpc.php.
Because it seems to be used by spammers and hackers to bruteforce your passwords.

However, if you use a standalone application to post to your WordPress blogs, like Windows Live Writer for example. You might need to remove that last part of the “.htaccess” code, or why not let your IP in only.

There’s also some plugins that can help you keep the bad guys out if you prefer that approach.

That’s it for now. I’m not 100% this is the best way to do it. Please, leave a comment if you can improve anything in the “.htaccess” code.

Force HTTPS and/or WWW on your WordPress site!

As you probably know by now. Google is starting to add a new ranking factor to their ever-changing algorithm.

It’s SSL that they want us to use but it’s a good thing since the data you send and receive from a server will be encrypted and a bit harder for people that might try to gather information like credit card numbers, passwords and other sensitive information.

First, make sure you’re happy with your Permalinks settings. Once that is done, open the file named “.htaccess” and after taking a backup of it, change it to the similar bit of “code” below:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# Force www
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

# Force SSL
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,NE]
</IfModule>
# END WordPress

Just add the “Force www” part for adding www if you want it. The SSL part below is what’s important.

Save the file and try going to some of your old URLs.