We are extremely pleased with DigitalOcean and the setup for Let’s Encrypt when flawlessly. But now we have a problem.

Our Wordpress site, mmsa.org, features a wonderful new national service called The Connectory. This service connects people with STEM activities in our state of Maine and throughout the nation.

Unfortunately, the data provided on our page from The Connectory — currently located at https://mmsa.org/stem-resource-bank/ — isn’t providing their data from a secure source. So we need to make that page and every sub-page un-encrypted.

How do we do this?

I’ve modified .htaccess with every redirect, rewrite, configuration I can find here and on many other forums, but that won’t stop this one page from using SSL.

I am under the impression .htaccess isn’t the way to go. Instead, I must have to edit the configuration elsewhere.

Here’s my .htaccess:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

What I discovered is a file called 000-default-le-ssl.conf appears to be what is responsible for making the site secure.

This is the contents of that file:

<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html

        <Directory /var/www/html/>
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/mmsa.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mmsa.org/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerName mmsa.org
</VirtualHost>
</IfModule>

I also have a file called 000-default.conf which looks like this:

<VirtualHost *:80>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html

        <Directory /var/www/html/>
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =mmsa.org
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

What do I need to change to make all requests of and inside of mmsa.org/stem-resource-bank not use https? I feel like the answer is in front of me but I lack the knowledge or direction as to how to correctly change this information. I also can’t find anything on Google that gives a good example to follow.

Thanks!
-Alex

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers

Can you give the link to the non-secure source data? And what is com-api.onl supposed to do?

Tell me how you did it?
I have a website on Wordpress for https. There are CDN - which is on the http. HLS-player by http - it works. By https - no.

Submit an Answer