SSL Administration over Non-Standard Ports
-
I recently found myself with the not so uncommon problem of needing to secure multiple WordPress installations on the same web server. Unlike standard HTTP with VirtualHosts (Apache), HTTPS requires different ports for each site. However, WordPress does not currently allow you to specify which port should be used for SSL functions, and automatically assumes the standard port 443. This is a reasonable assumption for the core WordPress code to follow, but some of us host many small sites on a single server, and still care about security.
During my research, I came across the WordPress HTTPS plugin, which appeared to have exactly what I needed in its “Shared SSL” feature, since I needed my SSL Host to be “something other than ‘https://example.com/'”. However, after trying to set my Shared SSL Host to “https://example.com:4432”, followed by a thorough examination of the source code, I discovered that it wasn’t designed to work with port numbers at all.
So, after a few lengthy hacking sessions figuring out how WordPress plugins and filters work, I have a patch here for WordPress HTTPS 1.9.2 that supports port numbers and works beautifully on my secondary (and now secure) WordPress installation on my personal VPS. I’d like to submit it to Mvied for consideration in the next release, but I could not find a way to do so, other than reach out through the forum here. I couldn’t find a GitHub repo, a “send message” link on his profile, and the Trac for WordPress Plugins doesn’t even list the plugin as a Component. I’m pretty lost when it comes to my contribution.
- The topic ‘SSL Administration over Non-Standard Ports’ is closed to new replies.