I have searched many site and also Bitnami support pages and I was unable to find an answer to this issue I see. I cannot post on Bitnami support cummunity as a new topic as I have just joined :/
I have summarised as best I can but there is a lot of detail because I have added all the relevant configuration files.
I am running Wordpress MultiSite application running on AWS Lightsail Linux instance launched using Bitnami Installation System Package. My site is running fine and I have also successfully added and configured an Lets Encrypt SSL certificate. I can send both HTTP and HTTPS requests for my root and subdomain and see 200 OK in both curl types. Therefore the SSL certificate configured on port 443 is working as expected.
curl -L -svo /dev/null https://trevorwalsh.art
The only redirect currently configured on Apache is redirecting requests subdomain 'www.trevorwalsh.art' ----> 'trevorwalsh.art'. This is added when setting up this WordPress multisite.
curl -L -svo /dev/null www.trevorwalsh.art
I verified that for Wordpress MultiSite, the process for adding the Lets Encrypt SSL cert does currently allow for the configuration of HTTP to HTTPS redirection in Apache unlike in if using standard Wordpress and Apache. Therefore I researched and following the guidance seen in the following Bitnami doc. My stack is 'Approach A: Bitnami Installations Using System Packages' [1] Force HTTPS Redirection With Apache:-
I have added the contents of each relevant file that are required to be edited below:-
File --> /opt/bitnami/apache2/conf/bitnami/bitnami.conf
# Let Apache know we're behind a SSL reverse proxy
SetEnvIf X-Forwarded-Proto https HTTPS=on
<VirtualHost _default_:80>
DocumentRoot "/opt/bitnami/apache/htdocs"
# BEGIN: Configuration for letsencrypt
Include "/opt/bitnami/apps/letsencrypt/conf/httpd-prefix.conf"
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} !^(localhost|127.0.0.1)
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
# END: Configuration for letsencrypt
<Directory "/opt/bitnami/apache/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
# Error Documents
ErrorDocument 503 /503.html
</VirtualHost>
Include "/opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf"
File --> /opt/bitnami/apache2/conf/bitnami/bitnami-ssl.conf
<IfModule !ssl_module>
LoadModule ssl_module modules/mod_ssl.so
</IfModule>
Listen 443
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EX$
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/opt/bitnami/apache/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
<VirtualHost _default_:443>
DocumentRoot "/opt/bitnami/apache/htdocs"
SSLEngine on
SSLCertificateFile "/opt/bitnami/apache/conf/trevorwalsh.art.crt"
SSLCertificateKeyFile "/opt/bitnami/apache/conf/trevorwalsh.art.key"
# BEGIN: Configuration for letsencrypt
Include "/opt/bitnami/apps/letsencrypt/conf/httpd-prefix.conf"
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} !^(localhost|127.0.0.1)
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
# END: Configuration for letsencrypt
<Directory "/opt/bitnami/apache/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
# Error Documents
ErrorDocument 503 /503.html
</VirtualHost>
File --> /opt/bitnami/apache2/conf/vhosts/00_status-vhost.conf
<VirtualHost 127.0.0.1:80>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} !^(localhost|127.0.0.1)
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
ServerName status.localhost
<Location /server-status>
Require local
SetHandler server-status
</Location>
</VirtualHost>
I added the correct 'ServerName' and 'ServerAlias' root domain and subdomain values based on the guidance seen in the this doc:- [2] Configure Blogs For Different Domains With Different SSL Certificates:-
- https://docs.bitnami.com/aws/apps/wordpress-multisite/administration/use-different-ssl-certificates/
File --> /opt/bitnami/apache2/conf/vhosts/wordpress-https-vhost.conf
<VirtualHost 127.0.0.1:443 _default_:443>
ServerName trevorwalsh.art
ServerAlias *.trevorwalsh.art
SSLEngine on
SSLCertificateFile "/opt/bitnami/apache/conf/trevorwalsh.art.crt"
SSLCertificateKeyFile "/opt/bitnami/apache/conf/trevorwalsh.art.key"
DocumentRoot /opt/bitnami/wordpress
# BEGIN: Configuration for letsencrypt
Include "/opt/bitnami/apps/letsencrypt/conf/httpd-prefix.conf"
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} !^(localhost|127.0.0.1)
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
# END: Configuration for letsencrypt
<Directory "/opt/bitnami/wordpress">
Options -Indexes +FollowSymLinks -MultiViews
AllowOverride None
Require all granted
# BEGIN WordPress fix for plugins and themes
# Certain WordPress plugins and themes do not properly link to PHP files because of symbolic links
# https://github.com/bitnami/bitnami-docker-wordpress-nginx/issues/43
RewriteEngine On
RewriteRule ^bitnami/wordpress(/.*) $1 [L]
# END WordPress fix for plugins and themes
# BEGIN nip.io redirection
RewriteEngine On
RewriteCond %{HTTP_HOST} ^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})(:[0-9]{1,5})?$
RewriteRule ^/?(.*) %{REQUEST_SCHEME}://%1.nip.io%2/$1 [L,R=302,NE]
# END nip.io redirection
# BEGIN WordPress Multisite
# Using subdomain network type: https://wordpress.org/support/article/htaccess/#multisite
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
RewriteRule ^(.*\.php)$ $1 [L]
RewriteRule . index.php [L]
# END WordPress Multisite
</Directory>
Include "/opt/bitnami/apache/conf/vhosts/htaccess/wordpress-htaccess.conf"
</VirtualHost>
File --> /opt/bitnami/apache2/conf/vhosts/wordpress-vhost.conf
<VirtualHost 127.0.0.1:80 _default_:80> ServerAlias * DocumentRoot /opt/bitnami/wordpress
# <VirtualHost _default_:80> # BEGIN: Configuration for letsencrypt
# BEGIN: Configuration for letsencrypt
Include "/opt/bitnami/apps/letsencrypt/conf/httpd-prefix.conf"
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} !^(localhost|127.0.0.1)
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
# END: Configuration for letsencrypt
<Directory "/opt/bitnami/wordpress">
Options -Indexes +FollowSymLinks -MultiViews
AllowOverride None
Require all granted
# BEGIN WordPress fix for plugins and themes
# Certain WordPress plugins and themes do not properly link to PHP files because of symbolic links
# https://github.com/bitnami/bitnami-docker-wordpress-nginx/issues/43
RewriteEngine On
RewriteRule ^bitnami/wordpress(/.*) $1 [L]
# END WordPress fix for plugins and themes
# BEGIN nip.io redirection
RewriteEngine On
RewriteCond %{HTTP_HOST} ^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})(:[0-9]{1,5})?$
RewriteRule ^/?(.*) %{REQUEST_SCHEME}://%1.nip.io%2/$1 [L,R=302,NE]
# END nip.io redirection
# BEGIN WordPress Multisite
# Using subdomain network type: https://wordpress.org/support/article/htaccess/#multisite
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
RewriteRule ^(.*\.php)$ $1 [L]
RewriteRule . index.php [L]
# END WordPress Multisite
</Directory>
Include "/opt/bitnami/apache/conf/vhosts/htaccess/wordpress-htaccess.conf"
</VirtualHost>
Lastly, I verified that I had the correct parameters in the 'wordpress-htaccess.conf' file seen below after reviewing the information seen in the following doc:- [3] Understand Default .Htaccess File Configuration - Add A New Section In The .Htaccess File
File --> /opt/bitnami/apache2/conf/vhosts/htaccess/wordpress-htaccess.conf
<Directory "/opt/bitnami/wordpress/wp-content/plugins/akismet">
# <Directory "/opt/bitnami/wordpress">
# Only allow direct access to specific Web-available files.
# Apache 2.2
<IfModule !mod_authz_core.c>
Order Deny,Allow
Deny from all
</IfModule>
# Apache 2.4
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
# Akismet CSS and JS
<FilesMatch "^(form\.js|akismet\.js|akismet\.css)$">
<IfModule !mod_authz_core.c>
Allow from all
</IfModule>
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
</FilesMatch>
# Akismet images
<FilesMatch "^logo-(a|full)-2x\.png$">
<IfModule !mod_authz_core.c>
Allow from all
</IfModule>
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
</FilesMatch>
</Directory>
However I can not get the Forcing HTTP/HTTPS Redirect to work and after attempting to resolve this myself I need help as I maybe missing something here.
Thanks in advance for your help.
you need to