Upon migrating over, I wanted to be sure to take advantage of the shared SSL BlueHost provides in order to keep my WordPress login and admin area more secure. Little did I know, it was a bit more daunting to figure out then I expected it to be. Since it took me nearly 2 days to figure out the solution, I wanted to share it the “interwebs.”

First of all, the Admin SSL plugin that pops-up everywhere on Google when searching for using WordPress with shared SSL doesn’t work and the author seems to have stopped supporting the shared SSL functionality of it. So, that was a bust.

So, after playing around a bit, I added the following to my wp-config file, replacing USERNAME with my BlueHost user name and BLOG_DIRECTORY with the path to where I installed WordPress (note: this is specific to BlueHost):

define('WP_SITEURL', 'https://secure.bluehost.com/~USERNANAME/BLOG_DIRECTORY');

From there, I needed to insure my ‘wp-content’ folder stayed intact, so I also added the following to the wp-config file (this can be altered in the “Miscellaneous Settings” section as well):

define('WP_CONTENT_URL', 'http://blog.justinkorn.com/wp-content');

These two changes seemed to make everything work properly. When I attempt to login via wp-login.php, I am redirected to the shared SSL url and when I upload new content, everything goes to the proper place with in the wp-content directory.

The only caveat that I have seen so far is after clicking around within the admin area a few times, I receive the following message:

Too many requests received. Please wait a few minutes and try again.

Eventually the message goes away and I’m able to work again, so it’s not the end of the world, but it is a bit annoying.

In the end, however, I have a secure WordPress Admin area and I’m not shelling out the $30/yr for the dedicated IP or however much it is for the private SSL certificate. Hopefully this setup will prove to last; only time will tell.

Till next time…

The Situation

I am hosting my companies new blog with DomainsMadeEasy (identical to GoDaddy — I have not investigated if the two companies are related, but at first site, you’d assume they are since all of the tools used for domain registration, management, hosting, etc. are identical) on a Windows server (need it for some ASP.NET development we are doing).

In any case, I am hosting www.mydomain.com and the WordPress blog is using the subdomain, blog.mydomain.com. After everything was setup and ready to go, I wanted to ensure the 404 page setup within WordPress was working properly. So, I typed in a bogus address, http://blog.mydomain.com/dsifsdf, to see what I got. Sure enough, I received the ugly default 404 page. In other words, WordPress wasn’t picking up the 404.

Since DomainsMadeEasy does not delegate the “Error Handler” setting on Windows servers, I was unable to work with the web.config file and as I mentioned earlier, moving to Linux to use the .htaccess file was not an option. After hours of searching, a few calls to support and being told it is “impossible,” I finally took a break. When I returned to the issue, the answer dawned on me…

The Solution

In short, it kind of IS impossible to use custom 404 pages for each subdomain and therefore need to trick the server. You can only have one 404 page under the main domain. This also means, if you have an account that allows hosting multiple domains, whatever domain you setup as the primary will be forced to host the 404 page. Example: mydomain.com is the primary, but I’m also hosting thisdomain.com under the same account. If a 404 is served for thisdomain.com, the 404 page for mydomain.com will actually be served…not cool.

Well, the answer ended up being quite simple, though, not perfect). With a little PHP coding, you can create a 404 page that actually redirects to the 404 page of the domain you wish.

First, you need to setup your custom 404 pages for each domain and subdomain you want a custom 404 page for. If you are using WordPress, you can setup a new page from your admin tools to serve this purpose. Note: with the below solution, WordPress will not know this is a 404 error coming through.

Next, you need to create a 404.php page to use under the primary domain. This page will filter the incoming request and forward it on to the appropriate custom 404 page you just setup. My PHP code within this page, looks something like…

$ref = $_SERVER['SERVER_NAME'];
if(strpos($ref, "otherdomain.com"))
{
header( 'Location: http://otherdomain.com/errorpage' ) ;
}
elseif(strpos($ref, "blog.mydomain.com"))
{
header( 'Location: http://blog.mydomain.com/errorpage' ) ;
}
else
{
header( 'Location: http://www.mydomain.com/error/' ) ;
}


After your 404.php page is set, upload it to your host. I put mine right in the root of mydomain.com. Once your 404.php page is uploaded and in place, login to your hosting account. Once logged in, navigate to the 404 page settings. For GoDaddy and DomainsMadeEasy, this is under Settings, 404 Error Behavior. From there, select the “Use custom page” option. Set the option to point to your 404.php file: http://www.mydomain.com/404.php (note, the http://www.mydomain.com/ part of the entry can not be altered. You should only be typing 404.php into the text box, unless you placed the 404.php file into a subfolder). Once you think the setting looks correct, click on “Continue” and save your changes.

After 10 – 30 minutes, your settings should update and you should now have a custom 404 page for every domain you have hosted under your account.

That’s all there is to it. I hope this helps someone out there.

Till next time…