Problem with HTTPS Plugin and Multi-site

Resolved hubcap
(@hubcap)

11 years, 9 months ago
I new to WordPress and doing a new build and having a problem adding HTTPS Plugin (v3.3.6) onto a multi-site environment.

I’m looking to get my sites served via HTTP and all admin/login functions over HTTPS.

My issue is that as soon as I enable the HTTPS plugin then all my admin functions start giving me a “Registration has been disabled” page – with a url http://wp.domain.com/wp-signup.php?new=wpsite1.domain.net

I have WordPress on LAMP behind a separate Apache Reverse Proxy.

First off I managed to get the HTTPS Plugin working on a single site install with admin on HTTPS. For this I used a seperate domain.
On reverse proxy I have two virtual hosts – 1 for each of these – with SSL cert on *.domain.net.

When I tried to add multi-site on the top of this I got into problems, so going back to a clean install, I am now trying the approach of getting multi-site working first before adding HTTPS ontop.

I’ve followed this and got two sub sites working successfully with admin on HTTP.
The HTTPS configuration I am applying is:

Site + SSL Host
wp.domain.com + wp.domain.net
site1.wp.domain.com + wpsite1.domain.net
site2.wp.domain.com + wpsite2.domain.net

The domains are included as ServerAliases in Proxy appropriate virtual host.

and for each of these set:
Straight after “Save Changes” I can no longer get into any admin screen.

Hovering over “Site Admin” on a HTTP site (e.g. site1.wp.domain.com) shows me that the target it wants to send me to is “https://wpsite1.domain.net/wp-admin.

The request hits my WordPress server, log shows:
That’s a 302 redirect and then a 404 not found

And on my browser I just get the “Registration has been disabled” error (as above).

Any assistance gratefully appreciated.

Viewing 15 replies - 1 through 15 (of 19 total)

1 2 →

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

11 years, 9 months ago

WordPress on wp.domain.com
Admin on wp.domain.net

Did that work BEFORE you turned on https?

Thread Starter hubcap
(@hubcap)

11 years, 9 months ago

Yes, well with HTTPS Off – all pages, including admin, where within wp.domain.com and then with HTTPS on (and SSL domain set within HTTPS config page to wp.admin.net) – that also worked across the two domains.

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

11 years, 9 months ago

Yes, well with HTTPS Off – all pages, including admin, where within wp.domain.com

Did the ADMIN.domain.com thing work without https though?
Thread Starter hubcap
(@hubcap)

11 years, 9 months ago
For Single-site

With HTTPS off
- WordPress on wp.domain.com
- Admin on wp.domain.com/wp-admin
With HTTPS on
- WordPress on wp.domain.com
- Admin on wp.domain.net/wp-admin – due to SSL Host setting in HTTPS Plugin
Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

11 years, 9 months ago

Okay, and for multisite did this work:

With HTTPS off

WordPress on wp.domain.com
Admin on wp.domain.net

The thing I think is actually the problem is the admin on another domain.
Thread Starter hubcap
(@hubcap)

11 years, 9 months ago
With Multi-site

With HTTPS off

WordPress sites on (this Worked)
- wp.domain.com
- site1.wp.domain.com
- site2.wp.domain.com
Admin on (this Worked)
- wp.domain.com/wp-admin
- site1.wp.domain.com/wp-admin
- site2.wp.domain.com/wp-admin
i.e. no use of secondary domain root

With HTTPS on

WordPress on (this Worked)
- wp.domain.com
- site1.wp.domain.com
- site2.wp.domain.com
Admin on (This Failed)
- wp.domain.net/wp-admin
- wpsite1.domain.net/wp-admin
- wpsite2.domain.net/wp-admin
So the admin is actually only on a another domain when HTTPS is on (using the setting within HTTPS SSL Host for each site) – which works for single site.

One side point – the reason that the lowest order part of admin domain is different “site1.wp.domain.xx” moves to “wpsite1.domain.xx” is that my wildcard certificate on *.domain.net doesn’t cover sub.sub domains. But I believe this to be not relevant as the main site (wp.domain.net) doesn’t work either.

Hope that’s clearer.
Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

11 years, 9 months ago

So the admin is actually only on a another domain when HTTPS is on (using the setting within HTTPS SSL Host for each site) – which works for single site.

Yeah, I’m not entirely confident that would work, with or without https, for Multisite. And that’s… kind of my major worry here. Multisite’s a lot pickier about that :/

Thread Starter hubcap
(@hubcap)

11 years, 9 months ago

Hi – I note from this thread that the developers imply that HTTPS Plugin and Multisite are designed to work. Can I get this looked at as a bug?

jkhongusc
(@jkhongusc)

11 years, 9 months ago

> WordPress on wp.domain.com
> Admin on wp.domain.net

I am not sure how to configure WP to do that even without https.

Have you considered using the WP Domain Mapping plugins to map your sites to a different name (one with less parts to work with your cert)? For example site1.wp.domain.com to site1.domain.com, and site2.wp.domain.com to site2.domain.com

Thread Starter hubcap
(@hubcap)

11 years, 9 months ago

Well it’s actually a feature of the HTTPS plugin to offer an alternate domain name (SSL Host).

I did have a quick look, but wasn’t keen to add another component to the mix if the two parts (HTTPS Plugin) and (Multisite) were meant to be able to do this.

I do think we might need domain mapping for another requirement – so I might look at adding.

Thanks

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

11 years, 9 months ago

It’s not that HTTPS is the issue, it’s the alternate domain that’s the issue.

And that’s what I think doesn’t work on Multisite.

Thread Starter hubcap
(@hubcap)

11 years, 9 months ago

@ipstenu, hi – you may have missed my question above – is it a bug? I’ve posted it on HTTPS Plugin forum to see if I can get a view from developers.

Moderator Jan Dembowski
(@jdembowski)

Forum Moderator and Brute Squad

11 years, 9 months ago

It’s not a bug, but it is a complicated setup.

1. In multisite you’ve got SSL certs that need to have alternate names or wildcards for your non-primary domains.

2. Your web server virtual hosts need to have a working vhost explicitly for the SSL version or at least a wildcard vhost and that SSL cert.

3. You also may want to use a SSL plugin (I do it at the server level but I’m “different”) so that’s a good plugin to try.

Can you provide real URLs to look at?

Thread Starter hubcap
(@hubcap)

11 years, 9 months ago

Jan, hi

Thanks for replying

Last question first – do you mean to actually access my wordpress? I’m afraid it’s locked away internally so not really readily available.

1. I have a Wildcard cert covering *.mydomain.net

2. I have SSL into Reverse Proxy – seperate vhosts for 80 and 443 and cert on 443 vhost.

3. I take it you mean a WordPress SSL plugin (different from HTTPS Plugin)? – can you point me at that? I wasn’t planning to run SSL on the WordPress server – just into Proxy – HTTPS Plugin has support for proxy setup and (I believe) expects to receive HTTP inbound from proxy, but manages the links on pages to include the HTTPS.
Thread Starter hubcap
(@hubcap)

11 years, 8 months ago
Hi,

I have given up on this approach – the main reasons for trying it were three fold:
- we use the same www domain for our content website and our application – HTTP = content, HTTPS = application. So using same domain for content and admin gives us a conflict on https://www.mydomain.com
- we have wildcard cert for *.mydomain.net and therefore same cert could be used for admin on all sub-sites (sub sites will be different main domains)
- using the same main domain for all admin makes for more easy apache virtual host setup on reverse proxy.
So it would be great if this approach works.

However in the interests of time and no solution we have now decied to move our application to “app.mydomain.com” and enabled HTTPS using HTTPS Plugin. We will need to get new certs for all domains we host to support the admin traffic. A work-around at least.

Thanks for the input