Hello, I am completely lost on what I am doing wrong and any help will be greatly appreciated. I currently host my website on a DigitalOcean droplet on a Google domain. I am running Ubuntu 18.04 and Apache/2.4.29. Currently, only https://mywebsite.com and https://www.mywebsite.com work. When I simply type in mywebsite.com, it times out without properly forwarding it to the https version. I installed my SSL certs through Certbot when I created my droplet and I have the following certs set up: Certs
My networking DNS records on DigitalOcean are set up as follows: DigitalOcean DNS
My Google Domains DNS records are set up as follows: Google DNS
I am utilizing the Really Simple SSL plugin on Wordpress, which DOES say SSL is enabled on my site and 301 redirect to https is set in the .htaccess file. Really Simple SSL Settings
My .htaccess file contains the following code:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%/$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^(.*)$ https://(my_domain_is_here).com/$1 [L,R=301]
</IfModule>
# BEGIN rlrssslReallySimpleSSL rsssl_version[3.3.1]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL
# BEGIN Really_Simple_SSL_SECURITY_HEADERS
<IfModule mod_headers.c>
Header always set Strict-Transport-Security: "max-age=31536000"
Header always set X-XSS-Protection "1; mode=block"
Header always set X-Content-Type-Options "nosniff"
Header always set Referrer-Policy: "no-referrer-when-downgrade"
</IfModule>
# END Really_Simple_SSL_SECURITY_HEADERS
# BEGIN WordPress
# The directives (lines) between `BEGIN WordPress` and `END WordPress` are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# Wordfence WAF
<IfModule mod_php5.c>
php_value auto_prepend_file '/var/www/html/wordfence-waf.php'
</IfModule>
<IfModule mod_php7.c>
php_value auto_prepend_file '/var/www/html/wordfence-waf.php'
</IfModule>
<Files ".user.ini">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
# END Wordfence WAF
My SSL Labs report contained the following results for my cert: SSL Labs Results
What am I doing wrong? Any help will be GREATLY appreciated. Thanks so much! - Nick
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hi there @nickplatt4,
Your DNS looks correct actually. The problem is most likely either your firewall or your Apache virtual host.
I could suggest a few things:
-
Make sure to open port 80 for incoming TCP connections
-
Check your website’s virtual host and make sure that you have a virtual host for port 80
You can find your Apache Vhosts at:
/etc/apache2/sites-enabled
You can also check this by running this command here:
- sudo apachectl -S
Feel free to share the current configuration here so that I could try to advise you further.
Regards, Bobby
