Support » Plugin: WordPress HTTPS (SSL) » [Plugin: WordPress HTTPS (SSL)] Force SSL Exclusively not working on multisites

  • I’m using this extension to force logins via HTTPS, but want pages and posts to redirect from https to http to avoid duplicate content (Force SSL Exclusively Setting).

    This works on the main site, but not on additional sites.

    Current WordPress Multisite with Domain Mappings. Everything else seems to work fine.

Viewing 14 replies - 1 through 14 (of 14 total)
  • This is still the case for version 3.1.1 of the plugin.

    Plugin Author Mike Ems


    So you have a multi-site network where each site has it’s own Dashboard and you’ve gone to each site’s Dashboard and enabled that option for each site and it’s not working for just your sub-sites?

    That’s correct. This setting does not seem to have any effect on sub-sites.

    Plugin Author Mike Ems


    I certainly can’t reproduce that. I’ve used the plugin on a few multisites. For example, here’s a sub-site using this feature and working

    Are you sure it’s not browse caching or something like that? Could you try setting up a fresh WP install on the same server, installing the plugin, and seeing if the problem persists?

    Mhhh, it’s very tricky to debug.

    I’m quite sure it has something to do with how WP Multisite, Domain Mappings and HTTPS are playing together. Let me give you some more details on the setup:


    server {
        listen  80;
        listen  443 ssl;
        ssl_certificate /etc/ssl/startssl/;
        ssl_certificate_key /etc/ssl/startssl/;
        root /var/www/;
        index index.php;
        location / {
            root /var/www/;
            index index.php;
            try_files $uri/ $uri /index.php?q=$uri&amp&$args;
            port_in_redirect off;
        # php via fastcgi
        location ~ \.php$ {
            fastcgi_index   index.php;
            fastcgi_intercept_errors on;
            fastcgi_param   HTTPS on;
            include         "fastcgi_params";
            fastcgi_pass    unix:/var/run/php-fastcgi.sock;
        # wordpress permalink rewrite
        if (-f $request_filename) {
        # uploaded files -> wp-includes/ms-files.php
        rewrite /files/$ /index.php last;
        if ($uri !~ wp-content/plugins) {
            rewrite /files/(.+)$ /wp-includes/ms-files.php?file=$1 last;

    Relevant entries in wp-config.php:

    define('FORCE_SSL_ADMIN', true);
    define('FORCE_SSL_LOGIN', true);
    define('WPLANG', '');
    define('WP_DEBUG', false);
    define('WP_ALLOW_MULTISITE', true);
    define('MULTISITE', true);
    define('SUBDOMAIN_INSTALL', true);
    define('DOMAIN_CURRENT_SITE', '');
    define('PATH_CURRENT_SITE', '/');
    define('SITE_ID_CURRENT_SITE', 1);
    define('BLOG_ID_CURRENT_SITE', 1);
    define('SUNRISE', true);

    WP HTTPS Config in
    WP HTTPS Config in

    Activated in Domain Mapping Settings:

    [X] User domain mapping page, [X] Redirect administration pages to site’s original domain (remote login disabled if this redirect is disabled)

    Primary Domain for the subsite is

    So, with this setup, everything works fine. The subsite dashboard redirects to like it should, too. The only thing not working is this:

    curl -I -k “”
    HTTP/1.1 200 OK
    Date: Fri, 20 Jul 2012 08:27:45 GMT
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    Vary: Accept-Encoding
    Set-Cookie: redirect_count=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
    Link: <;; rel=shortlink

    where it should redirect like on the parent

    I hope this narrows it down a bit?

    Plugin Author Mike Ems


    Not really, that’s just confusing.

    You mentioned and in all your screenshots, and then you make a cURL request to


    That’s the domain mapping working.

    Primary Domain for the subsite is

    Plugin Author Mike Ems


    When you’re using an SSL Host that doesn’t match your Site URL, the code never verifies that you’re hitting the site over HTTPS from that host. It assumes that if your SSL Host doesn’t match your Site URL, there’s probably only one URL you can hit that site securely with, so it doesn’t bother verifying. If you’re SSL Host doesn’t match your Site URL and the page is HTTPS, you’re good to go. No redirect.

    I’m guessing works as intended?

    I could add in a check pretty easily, but to date there’s never been a reason to.

    Yeah, that sounds about right.

    I think our setup here is not that unreasonable so supporting this usecase should make sense. WP Multisite plus Domain Mapping is tricky enough like it is 😉


    please, say to this newbie how to setup the plugin in multisite domain mapping:

    a) is recomended enable the plugin to all the network or

    b) is nedded to enable the plugin in each subsite??

    best regards, pescadito

    Plugin Author Mike Ems


    I’ve never really used the Domain Mapping plugin. In the current version, the plugin is not running its installation process for each subsite when you do a Network Activate. This will be fixed in the next release. It will be out within a week if you’d like to wait.

    Mvied, I see you committed some changes to the plugin repository already. Are you running trunk (3.2) on a production site already? I’d like to upgrade 😉

    We are having the same issue. We’re on Apache and we have the most current version of this plugin. It’s still redirecting when we try and login via the admin between the domain and sub-domain and the login fails. So if a fix was leveraged, it’s not working with the most recent version of Domain Mapping on 3.4.2.

    In my secured (SSL) site (after using WordPress HTTPS SSL plugin)
    every page works fine but,

    In footer I had given:

    on click it goes to


    Please help?

Viewing 14 replies - 1 through 14 (of 14 total)
  • The topic ‘[Plugin: WordPress HTTPS (SSL)] Force SSL Exclusively not working on multisites’ is closed to new replies.