New to the community? Start here

Domain Mapping, SSL Errors on signup

Hi there, As of right now I have two issues that I would like help resolving.

#1: I have entered in my shared public IP, Dedicated IP and my own WAN IP with eNom, but it still refuses to let me authenticate. I have had countless of support tickets and calls to them. This prevents the Reseller Tab from showing. I have it networked enabled. I am on GoDaddy, if that makes a difference.

#2: Secondly, I only have a standard SSL. Whenever someone signs up, the link provided is an HTTPS link, as I use Force SSL using Stripe. As you can assume, the https link to the users new site to push a security issue, unless they manually bypass it, or remove the HTTPS. Or return to the site using their standard domain.com/wp-login.php. But, people will obviously click on the link there and see the warning.

#3: Thirdly, I really like to push Free Sites on my website. Is there anyway to make a column with the free site? I have read various of other articles, but they did not seem to work correctly on my site. Most of my income should come from ads and domain resllers (AHH, See the first issue!) :slight_smile:

Wed, 6 Apr 2016 15:36:27
  • Kasia Swiderska
    • Support nomad

    Hello Blake

    #1: I have entered in my shared public IP, Dedicated IP and my own WAN IP with eNom, but it still refuses to let me authenticate. I have had countless of support tickets and calls to them. This prevents the Reseller Tab from showing. I have it networked enabled. I am on GoDaddy, if that makes a difference.

    There is smilar issue described here with eNom and GoDaddy https://wpmudev.com/forums/topic/enom-bad-username-password-domain-mapping-plugin – are errors you see the same or different? Did you check with eNom if they Whitelisted your IP?

    #2: Secondly, I only have a standard SSL. Whenever someone signs up, the link provided is an HTTPS link, as I use Force SSL using Stripe. As you can assume, the https link to the users new site to push a security issue, unless they manually bypass it, or remove the HTTPS. Or return to the site using their standard domain.com/wp-login.php. But, people will obviously click on the link there and see the warning.

    Do you mean you have self signed certificate? In order for web-browsers to trust the certificate that the server has presented, the SSL certificate must be issued by a valid Certificate Authority (CA). So self signed certificates will always show this – you would need to purchase SSL cerificate to resolve this issue.

    #3: Thirdly, I really like to push Free Sites on my website. Is there anyway to make a column with the free site?

    If you are using Pro Sites you can create level with price 0 (you would first create level with price above 0 and then edit – and change it to 0 – this is already reported bug editing level price will work).

    kind regards,

    Kasia

  • Blake
    • Syntax Hero

    Hi there, I actually have a SSL purchased with GoDaddy, not a self signed one.

    I reviewed that article, and I have had my IP whitelisted by eNom. I have even tried using Test Mode (In Test Mode, you whitelist your own IPs), and it still is saying I am not being permitted from this IP address.

    If I create a level that is $0, will that require them to go through payment methods? I have a lot of students signing up, and not many have a Paypal or credit card.

  • Nithin Ramdas
    • Support Wizard

    Hey Blake,

    Apologies for the delay, the “User not permitted from this IP address” message has to do more with Enom’s authentication, as it tries to prevent unauthorised users. This can happen if it’s not the right IP or not correctly setup, and has less to do with the plugin itself.

    Could you also check with your host that the IP for sending and receiving are the same. Would recommend you to confirm whether the request are being routed by any other IP.

    #2: Secondly, I only have a standard SSL. Whenever someone signs up, the link provided is an HTTPS link, as I use Force SSL using Stripe. As you can assume, the https link to the users new site to push a security issue, unless they manually bypass it, or remove the HTTPS. Or return to the site using their standard domain.com/wp-login.php. But, people will obviously click on the link there and see the warning.

    Do you still have issue with this, if I’m not mistaken, there is an option to force http/https for frontend/admin under Settings > Domain Mapping. For more information please check this link.

    If I create a level that is $0, will that require them to go through payment methods? I have a lot of students signing up, and not many have a Paypal or credit card.

    If I’m not mistaken, free level with a Prosites would be where one don’t have to signup, registering a new site will make it free. Paypal cannot process a $0. If you wan’t to make use of a level, you could try the manual payment gateway and manually extend your site to your level.

    I hope this helps. Have a nice weekend. :slight_smile:

    Best Regards,

    Nithin

  • Nithin Ramdas
    • Support Wizard

    Hi Blake,

    Hope you are doing good today. :slight_smile:

    Hi there, I have indeed contacted my host (GoDaddy) several times. I was told that the server does not allow outgoing requests, only incoming. I have never heard of this happening with domain mapping, I do have my own dedicated IP.

    I did find a similar issue in another thread you can find it here: https://wpmudev.com/forums/topic/enom-is-reporting-error-with-settings-of-domain-mapping-plugin#post-558223

    One of our developers explains further on, how the domain mapping plugin plays along with eNom, here: https://wpmudev.com/forums/topic/user-not-permitted-from-this-ip-address-4#post-700251

    As stated above, the issue has less to do with the plugin itself. If you still think it’s a plugin issue, could you please grant support staff access so I can take a closer look. You can grant access from WPMU DEV > Support > Support Access > Grant Access or check this manual.

    https://wpmudev.com/manuals/wpmu-dev-dashboard-enabling-staff-login/

    Here is the issue with the HTTPS: http://screencast.com/t/i9UcfgpTbz5e

    I want the “Login Now” and the straight link to the users admin page using HTTPS.

    Thank you for the link, just to be clear, does your SSL certificate have wildcard subdomains? You need wildcard SSL certificate to setup subdomains in multisites. This might be the reason for the user’s admin page to not work as expected.

    A Standard SSL can be used for multisite installs with subdirectory path only. Please check this link for more details.

    Please let us know how that goes, happy to troubleshoot if you still have any problem. :slight_smile:

    Best Regards,

    Nithin

  • Blake
    • Syntax Hero

    HI there, I am doing well. :slight_smile: I hope you are too.

    I am aware that it has less to do with the plugin itself. I figured the gurus of WordPress would be able to help me more then the stubborn folks at GoDaddy and my limited (but learning!) knowledge of wordpress.

    I reviewed that article, the customer that posted that question got his to work.

    I am trying now this: http://stackoverflow.com/questions/3966527/dynamically-get-outgoing-ip-address-with-php

    placed a script on my hosters webserver with this Content:

    <?php

    $my_external_ip = file_get_contents(“http://myip.is/index.php&#8221:wink:;

    echo $my_external_ip;

    ?>

    I asked eNom to ADD the IP I have figured out that way, hoping it will work then. Do you want to be updated if it worked or not?

    Kind Regards,

    Manuel

    I took note of this, however, I am not sure how to view the IP that is given from the script. GoDaddy is not being of any help, saying they can not give me the IP address being used.

    __________________________________________

    My SSL is a single site only. There is no information on the subsites that require SSL. Is there anyway to set the link shown in the video to HTTP instead of HTTPS? It is obiously bad to have users click on the link given to them, and have it say a security issue. Obviously, there isn’t but, some would be convinced otherwise.

  • Rupok
    • Ex Staff

    Hi Blake

    Hope you had a wonderful day.

    I am not sure how to view the IP that is given from the script

    Go to your file manager in your cPanel / Hosting Manager. There, create a new file in the root directory of your domain with .php extension. Then paste the code inside that file, save it, close it.

    Suppose your filename is “iptest.php”, so you will go to “https://yoursite.com/iptest.php&#8221; and that will show your external IP address. Please replace yoursite.com with your real domain.

    Is there anyway to set the link shown in the video to HTTP instead of HTTPS?

    Can you try the solution Michelle Shull suggested here: https://wpmudev.com/forums/topic/force-https-ssl-on-mainsite-and-http-on-subsites#post-897621

    Please let us know if you have any confusion. We will be glad to help.

    Have a nice day. Cheers!

  • Blake
    • Syntax Hero

    Hiya there! Thanks for the response.

    I entered the IP into the test account with eNom, and it is seeming to work! I submitted the IP to their helpdesk to be officially whitelisted within my account.

    Once I can officially confirm that it will work in production mode, and everything is successful, I will be extremely happy! THANK YOU.

    1 for 2 isn’t bad, but let’s make it 2 for 2. :wink:

    I installed the Plugin Michelle recommended, however, when signing up for a site, and the links displayed are still HTTPS, which leads to the security issue.

  • Blake
    • Syntax Hero

    Hey there – Unfortunately, it didn’t work. Perhaps my fill in the blank (meaning replacing the domain name from that person’s site to mine) in the .htaccess code wasn’t correct. I even tried the real time find and replace, and it still wrote the command to https!

    I understand that what I am trying to do is not an easy task, but, a friend once told me that anything is possible with code! :slight_smile:

  • Rupok
    • Ex Staff

    Hi Blake

    Hope you had a wonderful day.

    Well, I’m flagging our SLS Team now as they can give you best idea regarding this. Please keep in mind, our SLS Team work round the clock and they have to deal with lots of critical issues and other things. So it may take a little while for them to check this and provide their valuable feedback on this.

    Have a nice day. Cheers!

  • Michael Bissett
    • Recruit

    Hey Blake, Michael here!

    I’ve been looking into this here, and right now, the only way I’m seeing to do this would require a little editing of Pro Site’s code (so you’ll want to note down the changes for the future, as they’ll be lost on an update).

    Inside of:

    /pro-sites/pro-sites-files/lib/ProSites/View/Front/Gateway.php

    You’ll want to edit lines 559 & 631 from this:

    $blog_admin_url = admin_url();

    To this:

    $blog_admin_url = admin_url('/', 'http');

    (if that code should not show up on those lines for some reason, then you’ll want to search for the initial code mentioned within the file, should show up only twice in the file)

    Once you do that, you should see that the admin URL generated for a subsite at the end of the signup process is a http:// URL, rather than being a https:// URL.

    Kind Regards,

    Michael

  • Blake
    • Syntax Hero

    Hey there Michael Bissett ! Thanks for replaying.

    I have modified the proper code, but, it seems that it now takes users to https://citiera.com/wp-admin.

    But, when you click on the link, it takes you to the login page of the subsite. And, still the HTTPS warning. :slight_frown:

    I have disabled Hummingbird, so caching is not on, and using Private mode in Firefox and Edge.

    http://screencast.com/t/yoUAeFPz

    Here is the code around line 559:

    $blog_id    = $render_data['new_blog_details']['blog_id'];
    

    
switch_to_blog( $blog_id );
    
$blog_admin_url = admin_url('/', 'http');
    
restore_current_blog();
    

    
$content .= '<h2>' . esc_html__( 'Finalizing your site...', 'psts' ) . '</h2>';

    And the code around 631:

    switch_to_blog( $blog_id );
    
$blog_admin_url = admin_url('/', 'http');
    
restore_current_blog();
    

    
$content .= '<h2>' . esc_html__( 'Finalizing your site...', 'psts' ) . '</h2>';

  • Nithin Ramdas
    • Support Wizard

    Hi Blake,

    I did test your site and could see the /wp-admin being redirected to https. It looks a bit odd, the code provided above should have worked, are you using any plugin to force ssl? There could be some hooks filtering it.

    If its okay for you then please grant support staff access so I can take a closer look. You can grant access from WPMU DEV > Support > Support Access > Grant Access or see this manual.

    https://wpmudev.com/manuals/wpmu-dev-dashboard-enabling-staff-login/

    Kind Regards,

    Nithin

  • Blake
    • Syntax Hero

    Hey Michael Bissett

    Sorry to bring this up again, but Pro Sites 3.5.4 seems to have removed $blog_admin_url = admin_url();, so I can not replace the code. Any advice? Or should I roll back Pro Sites?

    EDIT: I was actually a brave soul and downloaded 3.5.2 and found the Gateway.php, and changed the code from the older version, then uploaded replaced the Gateway.php from the 3.5.4 install. It seems to be working fine…so far….

  • Nithin Ramdas
    • Support Wizard

    Hi Blake,

    Hope you are doing good today. :slight_smile:

    Would recommend that you use the latest version of Pro Site, in the latest version you will only have to edit a single line, please edit the line 581 in the Gateway.php file to this:

    $blog_admin_url = get_admin_url( $blog_id, '/', 'http' );

    I hope this helps. Please let us know if you need any further help. Have a nice day. :slight_smile:

    Kind Regards,

    Nithin