Title: Redirect doesn't work for HTTPS Last modified: August 31, 2016 --- # Redirect doesn't work for HTTPS * Resolved [sirmacik](https://wordpress.org/support/users/sirmacik/) * (@sirmacik) * [9 years, 10 months ago](https://wordpress.org/support/topic/redirect-doesnt-work-for-https/) * Hi, * I want my website to be available via HTTP without login and via HTTPS only after login (that’s where your plugin comes in). * Now after enabling it I got whitelisting for HTTP working with: * ``` function my_forcelogin_whitelist( $whitelist ) { $scheme = parse_url(site_url(), PHP_URL_SCHEME); if( $scheme == 'http') { $whitelist[] = site_url($_SERVER['REQUEST_URI']); } return $whitelist; } add_filter('v_forcelogin_whitelist', 'my_forcelogin_whitelist', 10, 1); ``` * but with this code or without it it gives me too long redirects errors for https. I either get an url that looks like [something from this post](https://wordpress.org/support/topic/request-url-too-large#post-1680088), or 414 Request-URI Too Large from nginx or similar error from the browser. * WP_HOME and WP_SITEURL are set to [http://url](http://url). * Please advise, Marcin * [https://wordpress.org/plugins/wp-force-login/](https://wordpress.org/plugins/wp-force-login/) Viewing 1 replies (of 1 total) * Plugin Author [Kevin Vess](https://wordpress.org/support/users/kevinvess/) * (@kevinvess) * [9 years, 10 months ago](https://wordpress.org/support/topic/redirect-doesnt-work-for-https/#post-7384481) * I wonder if the problem is that you’re site URL is set to the scheme you want publicly available by default? For example, if you want ‘http’ to be publicly available, maybe your site URL should be set to use ‘https’ and you whitelist‘ http’ or vice-versa. * This might not affect the too long/large redirects – but you might want to change your whitelist code to this instead: * ``` function my_forcelogin_whitelist( $whitelist ) { $is_ssl = isset( $_SERVER['HTTPS'] ) && 'on' === $_SERVER['HTTPS'] ? true : false; if( !$is_ssl ) { $whitelist[] = site_url($_SERVER['REQUEST_URI']); } return $whitelist; } add_filter('v_forcelogin_whitelist', 'my_forcelogin_whitelist', 10, 1); ``` * Checking if `site_url()` has a scheme of ‘http’ will always be true since that is a WordPress function that always returns the site’s URL and not the URL typed into the browser. Viewing 1 replies (of 1 total) The topic ‘Redirect doesn't work for HTTPS’ is closed to new replies. * ![](https://ps.w.org/wp-force-login/assets/icon.svg?rev=1904031) * [Force Login](https://wordpress.org/plugins/wp-force-login/) * [Frequently Asked Questions](https://wordpress.org/plugins/wp-force-login/#faq) * [Support Threads](https://wordpress.org/support/plugin/wp-force-login/) * [Active Topics](https://wordpress.org/support/plugin/wp-force-login/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wp-force-login/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wp-force-login/reviews/) ## Tags * [HTTPS](https://wordpress.org/support/topic-tag/https/) * [redirect](https://wordpress.org/support/topic-tag/redirect/) * [too long](https://wordpress.org/support/topic-tag/too-long/) * 1 reply * 2 participants * Last reply from: [Kevin Vess](https://wordpress.org/support/users/kevinvess/) * Last activity: [9 years, 10 months ago](https://wordpress.org/support/topic/redirect-doesnt-work-for-https/#post-7384481) * Status: resolved