Support » Fixing WordPress » Overcoming Referer Problems With Domain Forwarding

  • My web forwarding company (freeparking) uses URL masking which means that the address box always displays is however in reality hosted at http://www.myhost/myuser/blogs.

    This means that the referer information is incorrect, so that even though the site works fine when accessed directly at http://www.myhost/myuser/blogs/ ,it refuses to login when access via

    The problem occurs when logging in – it just returns to the login page.

    After spending many hours investigating this, it seems that the freeparking URL masking is done by opening all pages within a 100% frame, hence masking the URL.

    I then scratched my head to see if there is a way around this problem and came up with the idea of editing the PHP code so that the referer information simply demands a referal from without comparing it with the local database. This solution should still be secure as it requires a referer, so should get around the login problem.

    Some investigating tells me that the code I require is $HTTP_REFERER

    Can anyone tell me what PHP pages I need to change the code on?

Viewing 11 replies - 1 through 11 (of 11 total)
  • Wow, that’s a good idea. Have you gotten around to implementing it yet? I just put a blog up for my little sister, hosting it on my webspace, but I wanted to get her her own domain. I did so, forwarded it, and got the same result ( does forwards the same way – opening everything in a 100% frame). Let me know if you got it working…

    why not simply break out of frames using a piece of JS?

    I can do this, but then I would loose the domain masking.

    I’m still working on this problem (3 full days later!), wp-login.php seems to authenticate the user, which is then rejected by the page that it’s redirected to.

    This is definately an authentication problem.

    The problem is that I can’t work out the authentication process, all documentation seems to suggest that it uses cookies, yet there are no wordpress cookies on my PC when I look for them (even though it logs in OK when I don’t use the domain masking). It seems to me that wordpress doesn’t use cookies unless you check the “remember me” box. Instead it seems to pass infomation from one page to the next, although I can’t for the life of me work out how it does this!.

    Anyone with information on how wordpress pages check if the user is logged in (or links to how this happens) please, please, please tell me.

    I have now been working with this problem for 2 weeks solid (hours per day!). I still can’t work out the answer. On the positive side, when I (someone else) figures it out, I will enjoy customising wordpress as I now feel that I know it in good detail (apart from the authorisation!).

    If anyone on here understands how the authorisation works, and what could be causing my problem I beg you to help me urgently. I like wordpress, but if I can’t overcome this problem I will have to try different blog software, which would be a shame as wordpress is such a good package.

    Thank you all in anticipation, whoever sorts this out gets my undying gratitude.

    if you NEED to use WordPress, get a proper DNS hosting provider. there’s no point in wasting your time and effort and even if you get it to work in the end, it’s not worthit.

    you may get away with “Stealth Redirection” or in this case what you call “URI masking”, but not for long. 🙂

    once you have the DNS setup, have it point to an IP of the server running the WordPress site, notify your hosting provider to hardcode it into Apache/IIS or whatever httpd platform they use and you’re good to go, no fussing with quirky settings.

    Thanks scaturan, you are of course correct. The problem is that I am trying to set up the blog for a club, and £10 per month for proper web hosting is more than they can afford.

    I hadn’t heard it called “stealth redirection” before ( that I use call it “URL making”). So you help will at least give me another avenue to explore with the search engines.

    YES !!!!!!!!!

    After 2 weeks of solid work, I’ve finally solved this problem !

    Edit wp-pass.php

    Change the line :




    Where is the actual wp directory rather than

    Hope this helps – happy blogging using you free webspace !

    I’m using GoDaddy to host my site (with masking) and the above fix does not seem to work for me using IE 🙁 I’ll post the code below… any help is much appreciated.





    AND I also tried:



    Could you have possibly changed something else in your two weeks of configuring? This problem is very frustrating as you well know. Turning off masking is not really an option for me.

    I found that some people were still having problems. I then traced this to the fact that they had session cookies switched off.

    If you are using IE, you can find this as follows:

    [Tools][Internet Options][Privacy]
    Click on [Advanced]
    Then override automatic cookie handling and set [always allow session cookies]

    All users are now working without problems.

    If the problem here is switching cookies, then it’s still a problem because not everyone who visits your site is going to know how to do this. This is like placing a “To view this site, use Firefox” ad on your homepage.

    After looking through so many posts about this issue, I’ve come to the conclusion that the hosting service is the problem. Otherwise, it’s WordPress.

    I fixed my domain forwarding and login issue by changing the database:wp_options value for “home” to my actual file location (, leaving “siteurl” as the domain I want to access the site (

    I had made the change CliveW suggested, but undid this after doing the wp_options “home” change and it still works. I believe thats the only change I made.

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Overcoming Referer Problems With Domain Forwarding’ is closed to new replies.