How to disable HTTPS and redirect HTTPS to HTTP in Wordpress?

Question

The client just wanted to test the site without pointing the domain to the new server. We just want to test the site in port80 (HTTP) only, since they haven't the purchased SSL yet.

So the website is set up at http://<ip-address> and we are using ip to test it.

But the problem is, all the themes (css/js files) are loaded over HTTPS. We need to disable it and load these files over HTTP only.

What I have tried so far that didn't work for me

1. htaccess

       RewriteEngine On
       RewriteCond %{HTTP} !=on
       RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]

2. _wp_options Table

3. wp-config.php

   define('FORCE_SSL_ADMIN', true);

4. General Settings

But unfortunately this doesn't work.

The problem is all css are loaded in HTTPS but these files exists when you try them to search in browser using http

Answer 1

There are a quite few things that could cause this, so there are lots of things you can try - I've listed as many I can think of below. You have already done some, but I'm including them here for completeness, in case someone else is searching with the same issue.

---

1. Set WP_CONTENT_URL in wp-config.php

Your WP_CONTENT_URL might be using HTTPS. As the issue is with including your theme files, this is the first thing I'd suggest checking out.

Try adding this to wp-config.php to force the website to use HTTP when including from the wp-content folder:

define( 'WP_CONTENT_URL', 'http://www.www.example.com/wp-content' );

---

2. Set WP_HOME and WP_SITEURL in wp-config.php

Set the WP_HOME and WP_SITEURL in wp-config.php to use HTTP. This will override whatever was set in the WP Settings.

define('WP_HOME','http://www.example.com');
define('WP_SITEURL','http://www.example.com');

You can also confirm what the values are in the database by querying the wp_options table and look for siteurl and home values, as you have already tried.

---

3. Redirect HTTPS to HTTP in .htaccess

I know you have this done already, but you could try it by checking if HTTPS on rather than HTTP is not off. (Also note - 302 redirect because this is not permanent!)

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=302,NE] 

---

4. Hard-coded URLs the WP database

WP writes the full URL to the database, so there could be instances of urls using HTTPS in the db. You could check each table directly in the database, but I find the plugin "Better Search Replace" quicker and easier to use. You can do a "dry run" to search for instances of "https://www.example.com". If it finds any, you can use the plugin to replace them all (but as always, make sure you do a db backup first before making any changes directly to your db!!)

Better Search Replace plugin on wordpress.org

---

5. Plugins

Some plugins might be trying to force SSL. There are the obvious ones like Really Simple SSL, but other plugins can also do this, such as security & optimisation plugins - I know iThemes Security does.

If all else fails, try disabling the plugins to check.

---

6. Hardcoded URLs in theme files or plugin files

It is unlikely with commercial themes & plugins, but it is possible that HTTPS is hard-coded into the theme files. Do a full search or try disabling the plugins and changing the theme to a default WP theme to check.

---

7. Caching

Your browser, server, caching plugins, minimizer plugins (for CSS & JS) might have HTTPS in the cache (Unlikely in your case, but I'll mention it anyway). Even other less obvious plugins can have caches too, such as gallery plugins.

Clear all your caches including your browser, turn off caching plugins, etc.

You could also try adding this try adding the following to wp-config.php

define( 'WP_CACHE', false );

---

8. Admin

Make sure you are not forcing SSL for the admin area - add/change the following line in wp-config.php

define('FORCE_SSL_ADMIN', false);

---

I've run into this problem for similar reasons, and if the first 4 steps don't work I find it's usually a caching issue.

I hope that helps, there a lot of things you can try, and if that doesn't fix it I'm out of ideas!!

Answer 2

All the information was useful, but the location of the FORCE_SSL_ADMIN option was important (I initially placed it at the end of wp-config.php and it did not work for me):

Enable/Disable SSL Admin on WordPress website

You can do that by adding/changing this line to your wp-config.php file (located in your WP main directory):

• enable SSL for admin

define('FORCE_SSL_ADMIN', true);

• disable SSL for admin

define('FORCE_SSL_ADMIN', false);

Add it before the line - important :

/* That's all, stop editing! Happy blogging. */

After these changes, your website will work over SSL. Of course, if you want to disable SSL you need to revert changes.

Source:

https://www.pixelemu.com/documentation/wordpress-tutorials/how-to-enable-disable-ssl