WordPress.org

Ready to get started?Download WordPress

Forums

WordPress HTTPS (SSL)
[resolved] REQUEST: Filter home_url to change HTTPS to HTTP (8 posts)

  1. fwchapman
    Member
    Posted 2 years ago #

    Hi Mike,

    I'm using Version 3.0.4 of your plugin in a shared SSL environment, and everything is working fine for me, except for one minor issue. You actually addressed this issue already in Version 2.0.4, but some handy older functionality got lost when the plugin was totally rewritten.

    When the login page is secured with SSL, the default behavior of wp-login.php causes the back-to-website link to use HTTPS instead of HTTP. This effectively breaks the link in environments with a shared SSL certificate, because shared SSL does not recognize the site's custom URL. This behavior is hard-coded into the WordPress home_url function; it uses HTTPS on pages secured by SSL, unless the optional scheme parameter overrides the page's protocol. Since wp-login.php doesn't use the scheme parameter when it calls home_url, we get this (often undesirable) default behavior.

    You addressed this in Version 2.0.4 of your plugin by filtering the home_url function with a string-replacement function that changes HTTPS to HTTP. I've created a very simple plugin of my own that does this for me:

    <?php
    /*
    Plugin Name: Force HTTP
    Description: Force back-to-website link in wp-login.php to use HTTP when secured by SSL. Inspired by WordPress HTTPS plugin Version 2.0.4. Thanks, Mike Ems!
    Version: 1.0
    Author: F.W. Chapman Solutions
    Author URI: http://www.fwchapman.com/
    License: Use at your own risk! You're welcome. :)
    */
    
    add_filter( 'home_url', 'force_http' );
    
    function force_http( $string ) {
    	return str_replace( 'https://', 'http://', $string );
    }
    
    ?>

    Would you be willing to add this functionality back to your updated plugin? It's way too handy to do without!

    Thanks very much,

    Fred

    P.S. My current request is a continuation of a discussion we started a month ago here and continued here.

    http://wordpress.org/extend/plugins/wordpress-https/

  2. fwchapman
    Member
    Posted 2 years ago #

    Mike, it looks like you added some URL filtering back into the plugin. As of Version 3.1.2, I no longer have the problem I reported. Thanks!!! -Fred

  3. fwchapman
    Member
    Posted 2 years ago #

    P.S. Actually, I have to qualify that a little bit. On one of my sites with a dedicated SSL certificate, I no longer have the problem I reported; however, on another site with a shared SSL certificate, I still have the problem, which means I still need to use my Force HTTP plugin for now.

  4. Mvied
    Member
    Plugin Author

    Posted 2 years ago #

    I don't know about the current version, but the development version will work for you. Enable Force SSL Admin and Force SSL Exclusively and only your admin panel will be secure. All links to the front-end will be HTTP.

  5. fwchapman
    Member
    Posted 2 years ago #

    Thanks, Mike! I look forward to trying the next version, and I appreciate everything you do.

  6. Polishpaul
    Member
    Posted 1 year ago #

    Thank you! I installed the Dev version and it finally works. I'm now able to use a shared SSL certificate to log in, and return to HTTP admin to work on the blog. This allows the "preview" post feature to work now. Please update the release because what's available via WP is not working well.

  7. fwchapman
    Member
    Posted 1 year ago #

    Polishpaul, I had a feeling that shared SSL certificates were breaking the preview feature in some WordPress themes. It's good to know that what's coming in a future release of this plugin will help with that! -Fred

  8. Rubin110
    Member
    Posted 1 year ago #

    This is awesome thank you so much. I was just mulling about for the past hour trying to figure out a solution to this since I've got so many authors who suck at remembering to swap out https for http when spitting out URLs to their blogs.

    One issue I'm running into is short link URL still default to https, but everything else seems to work fine.

    Also will the development version upgrade itself to whatever is available through wordpress.org when it gets updated? Thanks again!

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic