WordPress.org

Ready to get started?Download WordPress

Forums

WordPress HTTPS (SSL)
[resolved] [Plugin: WordPress HTTPS] Force SSL option on Apache behind Nginx = redirect loop (6 posts)

  1. TomsRiverWebDesign
    Member
    Posted 3 years ago #

    Excellent plugin! I've used it on WP on Apache before with no problem. Now I'm sitting behing Nginx, and when I try 'Force SSL' I get an infinite 301 redirect loop. The page in question is here.

    If I uncheck the 'Force SSL' options and specify https:// in the address bar, the resource won't redirect and the the ssl connection is honored (albeit without the internal URL rewriting but hey, does that help?)

    I looked at your code, daunting but I don't have your insight. Can you point me in the write (I kill me!) direction?

    Thanks, Scott

    http://wordpress.org/extend/plugins/wordpress-https/

  2. TomsRiverWebDesign
    Member
    Posted 3 years ago #

    I got it. It seems that 3 times out of 4, the redirect happens as a result of the is_ssl() function, which is located around line 270.

    I changed this line:
    if ( $this->shared_ssl == 1 && strpos($this->https_url, $_SERVER['HTTP_X_FORWARDED_SERVER']) !== false ) {

    To this:
    if (strpos($this->https_url, $_SERVER['HTTP_X_URL_SCHEME'] . '://' . $_SERVER['HTTP_X_FORWARDED_SERVER'] ) !== false ) {

    It had to be done since my proxy web server wasn't passing along the protocol to apache. Unfortunately I trashed the shared_ssl option in the process, so this may not work for you.

    Best Regards,
    Scott

  3. Mvied
    Member
    Plugin Author

    Posted 3 years ago #

    Hey Scott,

    Are you using the Shared SSL feature to proxy your site for HTTPS?

    I've seen quite a few cases where the proxy servers weren't properly forwarding the correct information. I've tried to address this issue in my development version. The code I came to was this:

    function is_ssl() {
       if ( $this->shared_ssl == 1 && strpos($this->https_url, preg_replace('/:.+$/', '', $_SERVER['HTTP_HOST'])) !== false ) {
        return true;
       }
       return is_ssl();
    }

    I don't actually have anywhere to test shared SSL functionality, hence why there haven't been any updates to the plugin in a long time. It also doesn't help that most issues that people are having only show up on some servers and not others.

    Anywho, try that code out and let me know it if works or not.

    Thanks,
    Mike

  4. TomsRiverWebDesign
    Member
    Posted 3 years ago #

    Hi Mike,

    I too wanted to be clear in my post, and for the benefit of anyone reading, do _not_ copy my code verbatim! - I'm not using Shared SSL. And your headers may vary

    Try to work out what headers are coming from your proxy. Nginx was only sending the domain name without the scheme in the HTTP_HOST header, so that was out. I admit mine is more of a kludge.

    Excellent plugin all around... Thanks Mike!

  5. Mvied
    Member
    Plugin Author

    Posted 2 years ago #

    Hey Scott,

    I'm going to be pushing out version 1.9 soon. It will work for you without any modifications. Below is the conclusion I came to and it seems to work with Shared SSL as well as proxies. Thank you for your contribution. :)

    function is_ssl() {
    	// Some extra checks for proxies and Shared SSL
    	if ( !is_ssl() && strpos($this->https_url, $_SERVER['HTTP_X_URL_SCHEME'] . '://' . $_SERVER['HTTP_X_FORWARDED_SERVER']) !== false ) {
    		return true;
    	} else if ( $this->shared_ssl == 1 && !is_ssl() && strpos($this->https_url, $_SERVER['HTTP_HOST']) !== false ) {
    		return true;
    	}
    	return is_ssl();
    }
  6. Mvied
    Member
    Plugin Author

    Posted 2 years ago #

    Found a bug in the function. Correction:

    function is_ssl() {
    	// Some extra checks for proxies and Shared SSL
    	if ( $_SERVER['HTTP_X_FORWARDED_SERVER'] && !is_ssl() && strpos($this->https_url, $_SERVER['HTTP_X_URL_SCHEME'] . '://' . $_SERVER['HTTP_X_FORWARDED_SERVER']) !== false ) {
    		return true;
    	} else if ( $this->shared_ssl == 1 && !is_ssl() && strpos($this->https_url, $_SERVER['HTTP_HOST']) !== false ) {
    		return true;
    	}
    	return is_ssl();
    }

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic