WordPress.org

Support

Support » Multisite » Multisite with domain mapper and SSL

Multisite with domain mapper and SSL

  • Hi everyone,

    I’m using domain mapper to host domains outside the normal wordpress multisite wildcard domains. For a domain mapped site, the admin links (../wp-admin/..) for login end edit are linking to the same domain over https.

    Is there a way to have them link to the WP multisite wildcard domain instead? We have a wildcard SSL cert and https set up for these wildcarded domains and are using FORCE_SSL_ADMIN to make wordpress switch protocols.

    One solution would be to purchase a SSL certificate for the domain mapped domain (roblog.org in the example below), but would prefer not to have to do this.

    As an example:

    http://robsite.org – domain mapped site – admin links go to https://robsite.org (no ssl cert – problem)
    robsite.mywordpress.org – same site under WP multisite – https no problem
    *.mywordpress.org – WP multisite installation with wildcard SSL cert and https – no problem

    Rob

Viewing 11 replies - 1 through 11 (of 11 total)
  • Andrea Rennick

    @andrea_r

    Customer Care at Copyblogger Media and Studiopress

    There’s a checkbox in the domain mapping settings to tell it to use the subdomain for the admin area or not.

    In 3.0 there’s a problem using FORCE_SSL_ADMIN with a wildcard cert and domain mapping:

    If you go to http://site.com/wp-admin it will redirect to SSL at https://site.com/wp-login.php, then redirect to https://site.network.com/wp-login.php, which will get you a certificate warning because you probably don’t have a valid cert for site.com.

    It works fine if you directly to https://site.example.com/wp-admin, but it would be better if you could just tell users to go to /wp-admin.

    FORCE_SSL_LOGIN works fine with domain mapping, but once you’re in it’s not secure.

    The redirection happens at the beginning of wp-login.php, and I don’t know if there’s any way for domain mapping or any other plugin to modify this behavior. If not, should this be a bug filed with WP core?

    Nathan

    Thanks for your confirmation of this issue Nathan. In the meantime I made a small plugin that modifies the admin links to point to the correct domain.

    <?php
    /*
    Plugin Name: Better Admin Links
    Description: Makes admin links go to the WP multisite domain when using domain mapping and HTTPS
    Author: Robert Carter
    Version: 0.1
    */
    
    function fix_domain( $link ) {
    	$opt = get_alloptions();
    	$siteurl = $opt['siteurl'];
    
    	preg_match('|(http[s]?://.+?/)|', $link, $m);
    	$mappedurl = $m[1];
    
    	$html = str_replace($mappedurl, $siteurl, $link);
    
    	return $html;
    }
    
    add_filter('edit_post_link', 'fix_domain');
    add_filter('get_edit_post_link', 'fix_domain');
    add_filter('edit_comment_link', 'fix_domain');
    add_filter('edit_bookmark_link', 'fix_domain');
    add_filter('edit_tag_link', 'fix_domain');
    
    //add_filter('loginout', 'fix_domain');
    //add_filter('register', 'fix_domain');
    
    ?>

    If anyone can tell me how to modify the top-left link on the wordpress login page (_back to MySite_), that would help.

    Rob

    Moderator Mark Jaquith

    @markjaquith

    The redirection happens at the beginning of wp-login.php, and I don’t know if there’s any way for domain mapping or any other plugin to modify this behavior.

    There is:

    $location = apply_filters('wp_redirect', $location, $status);

    The plugin might be able to hook in there and redirect to the appropriate mapped domain.

    Just created a Trac ticket.

    Rob

    Thanks Mark, will test and report back.

    The plugin might be able to hook in there and redirect to the appropriate mapped domain.

    The issue they are having is wp-login is initially redirecting to the mapped domain which they don’t have a SSL certificate for.

    In this instance what needs to be done is add a small plugin that filters on wp_redirect and changes the request for the SSL mapped domain login to the SSL subdomain login.

    Quick and dirty: https://gist.github.com/821559

    Working for me so far when placed in mu-plugins, but this is the 1st plugin I’ve ever written, so any feedback and cleanup would be appreciated.

    Nathan

    I’ve got a 1st draft plugin up on GitHub. If anybody’s interested I can put it in the plugin directory and such things:

    https://github.com/cramerdev/acms-admin-wildcard-redirect

    Hey Nathan, your plugin works great! A much more generic solution than matching links in the content. I will contact Donncha O Caoimh – the author of domain mapper and point him to this thread. Perhaps he can add this function into domain mapper.

    The only remaining issue is the one I mentioned before. When you click the link

    <- Back to All about fish

    On a page like this:

    https://allaboutfish.mywordpress.org/wp-login.php

    You go to https://allaboutfish.org – so you still get a cert error in this case.

    Anyone know a filter hook to take care of that one?

    Rob

    Andrea Rennick

    @andrea_r

    Customer Care at Copyblogger Media and Studiopress

    Rob, up in the posts above Ron is also one of the domain mapping devs….

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Multisite with domain mapper and SSL’ is closed to new replies.
Skip to toolbar