If I could chip in below...

On 09/07/2022 13:45, Paul Lewis via BitFolk Users wrote:
<snip>

The first thing that strikes me is that this virtualhost is only for
port 80. Port 443 (https) connections aren't going to hit this vhost
at all, I don't think. Where do port 443 connections go?

 

[PJL] Yes, you’re right, I didn’t include the SSL VirtualHost, which is pretty much identical, but with SSL certificates and configured and the RewriteConds commented out:

 

<IfModule mod_ssl.c>

<VirtualHost *:443>

        DocumentRoot /var/www/savouredescapes

        ServerName www.savouredescapes.com

     ServerAlias savouredescapes.com origin-www.savouredescapes.com www-test.savouredescapes.com

     <Directory /var/www/savouredescapes/>

           AllowOverride All

     </Directory>

        ErrorDocument 403 /error/noindex.html

        ErrorLog ${APACHE_LOG_DIR}/savouredescapes-error.log

        CustomLog ${APACHE_LOG_DIR}/savouredescapes-access.log combined

RewriteEngine on

# Some rewrite rules in this file were disabled on your HTTPS site,

# because they have the potential to create redirection loops.

 

# RewriteCond %{SERVER_NAME} =savouredescapes.com [OR]

# RewriteCond %{SERVER_NAME} =origin-www.savouredescapes.com [OR]

# RewriteCond %{SERVER_NAME} =www.savouredescapes.com [OR]

# RewriteCond %{SERVER_NAME} =www-test.savouredescapes.com

# RewriteRule ^ https://www.savouredescapes.com%{REQUEST_URI} [END,NE,R=permanent]

 

Include /etc/letsencrypt/options-ssl-apache.conf

SSLCertificateFile /etc/letsencrypt/live/savouredescapes.com/fullchain.pem

SSLCertificateKeyFile /etc/letsencrypt/live/savouredescapes.com/privkey.pem

</VirtualHost>

</IfModule>


Note: Let’s Encrypt sets up the redirect rules for the HTTP virtual host (I edit the RewriteRule to go to the specific www URI I want, rather than using the generic ${SERVER_NAME} URI Let’s Encrypt adds by default), and comments them out in the HTTPS virtual host, to avoid potential redirect loops, as per the comment. I think I could re-enable these rules without creating those loops, but as you point out below, it doesn’t seem that Apache’s doing the redirects anyway, so maybe this config is all just pointless and should be removed.

<snip>

I would definitely suggest uncommenting as below so that https requests are correctly redirected to https://www.savouredescapes.com%{REQUEST_URI} then checking if Apache is logging connections to those URLS or Wordpress is intercepting first (are any of the non-final URLs in your list of sites in Wordpress?).

RewriteCond %{SERVER_NAME} =savouredescapes.com [OR]

RewriteCond %{SERVER_NAME} =origin-www.savouredescapes.com [OR]

# RewriteCond %{SERVER_NAME} =www.savouredescapes.com [OR]

RewriteCond %{SERVER_NAME} =www-test.savouredescapes.com

RewriteRule ^ https://www.savouredescapes.com%{REQUEST_URI} [END,NE,R=permanent]


Gavin