WordPress.org

Ready to get started?Download WordPress

Forums

WordPress HTTPS (SSL)
[resolved] 3.03 does not secure Admin front page even w/ option checked (20 posts)

  1. sjpanther01
    Member
    Posted 2 years ago #

    I have both "Force SSL Administration" and "Force SSL Exclusively" check in WordPress HTTPS. However, when I go to my Admin page without specify HTTPS in the URL it serves the page with HTTP--I would expect it to redirect to HTTPS since "Force SSL Admin" is set. This worked in earlier versions. I've tried in both FF and Chrome with same results.

    http://wordpress.org/extend/plugins/wordpress-https/

  2. fwchapman
    Member
    Posted 2 years ago #

    I'm having exactly the same problem: "Force SSL Administration" isn't working on the login page.

    Also, after I log out, the "Back to ..." link takes me to an HTTPS version of the home page, even though I checked "Force SSL Exclusively." I have not checked "Secure Front Page."

    I'm currently using WordPress 3.3.2 and plugin 3.0.3. This functionality worked for me under WordPress 3.3.1 and plugin 2.0.4.

  3. Mvied
    Member
    Plugin Author

    Posted 2 years ago #

    Could either of you send me a login for your site so I can take a look?

  4. sjpanther01
    Member
    Posted 2 years ago #

    Is there a private email where I can send it?

  5. Mvied
    Member
    Plugin Author

    Posted 2 years ago #

    Yes, mike[at]mvied[dot]com.

  6. Mvied
    Member
    Plugin Author

    Posted 2 years ago #

    I've investigated this issue on sjpanther01's site and I can see no reason why it's not working. This feature works fine on every other server I've tested it on. I got to debug the code on his server, and I could not figure it out.

    One line, here, registers the redirect check method.
    add_action('template_redirect', array(&$this, 'redirect_check'));

    In the redirect_check method, if I put a statement that would kill the page, it never runs. I don't know why, but it must be from another plugin or theme.

    Thanks,
    Mike

  7. sjpanther01
    Member
    Posted 2 years ago #

    I would be curious if the other person who reported having this problem might provide some info or at least his hosting information.

    Also, given that this happens at the Admin login screen, is it really likely a plugin or theme conflict?

  8. Mvied
    Member
    Plugin Author

    Posted 2 years ago #

    Hey sjpanther01,

    All I know is I'm telling WordPress to run a hook and it's not. The only thing I can think of is maybe this hook isn't called on the login page, but that doesn't make sense because it works on every other site I've tested it on.

    Thanks,
    Mike

  9. fwchapman
    Member
    Posted 2 years ago #

    Mike, I'd like to add that plugin 2.0.4 works perfectly with the WordPress 3.3.2 update in my shared SSL certificate configuration. Plugin 3.0.3 does not break the display of graphics on my site the way that 3.0.2 did, so that is progress! I'm reverting back to 2.0.4 on my production sites for the time being. I'll see if I can set up a site for you to test later this week. -Fred

  10. sjpanther01
    Member
    Posted 2 years ago #

    I deactivated all plugins and I still can't bring up Admin login page without explicitly typing "https://" with version 3.03.

  11. Mvied
    Member
    Plugin Author

    Posted 2 years ago #

    Hey sjpanther01,

    I can't fix it. It doesn't make sense. This problem does not happen for anyone else.

    I think Fred is having a separate issue. He has a very different setup.

    Thanks,
    Mike

  12. fwchapman
    Member
    Posted 2 years ago #

    Mike,

    Here's some additional info on the testing I did. I deactivated all plugins except yours, and I switched to the Twenty Eleven theme. The behavior was the same as when all my other plugins are active and I use the Genesis theme framework from StudioPress. It looks like we can rule out a plugin or theme conflict.

    Also, I should say that "Force SSL Administration" works partially. It doesn't always invoke HTTPS in the URL on the login page, but it does always invoke HTTPS on the login form within the login page. Logins are actually secure, even if they don't look that way!

    Fred

  13. Mvied
    Member
    Plugin Author

    Posted 2 years ago #

    Hey Fred,

    I can try the same things I tried on sjpanther01's site, but no promises that I can get it to work. I don't know how you troubleshoot something like a hook (the essence of all plugins) when it just doesn't work for a couple of people.

    Thanks,
    Mike

  14. sjpanther01
    Member
    Posted 2 years ago #

    Mvied,

    It appears others on this forum are seeing this problem. I am still seeing this issue and have checked with my host. Could it be that how you are calling your hook is incompatible with current WordPress 3.3.2? Turning on WordPress DEBUG I get the following:

    Notice: wp_enqueue_script was called incorrectly. Scripts and styles should not be registered or enqueued until the wp_enqueue_scripts, admin_enqueue_scripts, or init hooks. Please see Debugging in WordPress for more information. (This message was added in version 3.3.) in /home/norman/public_html/wp-includes/functions.php on line 3587

    Notice: Undefined variable: url_parts in /home/norman/public_html/wp-content/plugins/wordpress-https/lib/WordPressHTTPS/Module/Filters.php on line 82

  15. Mvied
    Member
    Plugin Author

    Posted 2 years ago #

    Well, the first Notice isn't from my plugin, but the second is actually a bug. Go ahead and re-download the plugin from the Dashboard and see if anything changes. At the very least you should stop receiving the Notice.

  16. sjpanther01
    Member
    Posted 2 years ago #

    Where should I download get the updated version? It's not visible in my dashboard. Or, are you implying for me to wait until WordPress.org notifies me of a new version?

  17. Mvied
    Member
    Plugin Author

    Posted 2 years ago #

    Uninstall it and re-install it from the Dashboard.

  18. sjpanther01
    Member
    Posted 2 years ago #

    Still trying to get things to work. I noticed some "undefined" variables and mismatched arguments in my PHP error logs. See below.
    =======

    [30-Apr-2012 07:07:32] PHP Notice: Undefined offset: 0 in /home/norman/public_html/wp-content/plugins/wordpress-https/lib/WordPressHTTPS/Module/Parser.php on line 215
    [30-Apr-2012 07:07:32] PHP Notice: Undefined index: path in /home/norman/public_html/wp-content/plugins/wordpress-https/lib/WordPressHTTPS/Module/Parser.php on line 381
    [30-Apr-2012 07:07:32] PHP Notice: Undefined index: path in /home/norman/public_html/wp-content/plugins/wordpress-https/lib/WordPressHTTPS/Module/Parser.php on line 395
    [30-Apr-2012 07:07:32] PHP Notice: Undefined index: path in /home/norman/public_html/wp-content/plugins/wordpress-https/lib/WordPressHTTPS/Module/Parser.php on line 395
    [30-Apr-2012 07:07:32] PHP Notice: Undefined variable: force_ssl in /home/norman/public_html/wp-content/plugins/wordpress-https/lib/WordPressHTTPS/Module/Parser.php on line 416
    [30-Apr-2012 07:07:32] PHP Notice: Undefined variable: force_ssl in /home/norman/public_html/wp-content/plugins/wordpress-https/lib/WordPressHTTPS/Module/Parser.php on line 416

    [04-May-2012 15:32:32] PHP Warning: array_merge() [function.array-merge]: Argument #1 is not an array in /home/norman/public_html/wp-content/plugins/wordpress-https/lib/WordPressHTTPS/Module/Parser.php on line 212
    [04-May-2012 15:32:32] PHP Warning: array_merge() [function.array-merge]: Argument #2 is not an array in /home/norman/public_html/wp-content/plugins/wordpress-https/lib/WordPressHTTPS/Module/Parser.php on line 212
    [04-May-2012 15:33:08] PHP Warning: array_merge() [function.array-merge]: Argument #1 is not an array in /home/norman/public_html/wp-content/plugins/wordpress-https/lib/WordPressHTTPS/Module/Parser.php on line 212
    [04-May-2012 15:33:08] PHP Warning: array_merge() [function.array-merge]: Argument #2 is not an array in /home/norman/public_html/wp-content/plugins/wordpress-https/lib/WordPressHTTPS/Module/Parser.php on line 212

  19. sjpanther01
    Member
    Posted 2 years ago #

    By the way, I experimented and went back to 2.04 and everything worked as it should w.r.t. the login page. Of course, "redirect loop" issues in this version.

  20. fwchapman
    Member
    Posted 2 years ago #

    Update: I'm using plugin Version 3.0.4 now, and it has resolved all my problems except for one: it still uses HTTPS on the back-to-website link when the login page is secured with SSL. I did a lot of research on this problem, developed a simple plugin to solve it, and posted all my findings here.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic