WordPress HTTPS (SSL)
[resolved] Try to change /wp-admin/admin-ajax.php into HTTPS but all method failed (4 posts)

  1. hughred22
    Posted 2 years ago #

    So my eCommence software return follow error message:
    The page at https://creatorup.com/checkout-2/?edd_action=add_to_cart&download_id=596 displayed insecure content from http://creatorup.com/wp-admin/admin-ajax.php.

    XMLHttpRequest cannot load http://creatorup.com/wp-admin/admin-ajax.php. Origin https://creatorup.com is not allowed by Access-Control-Allow-Origin.

    So I need to turn everything inside /wp-admin/ folder, including admin-ajax.php into https. But I tried every way and all fails.
    1. I tried put "wp-admin", "/wp-admin/" in the WP HTTPS backend labeled URL Filters. Not working.
    2. I tried this code:

    [ Moderator Note: Please post code or markup snippets between backticks or use the code button. ]

    //WordPress HTTPS
    	function store_force_ssl( $force_ssl, $post_id = 0, $url = '' ) {
        if ( strpos($url, 'admin') !== false ) {
            $force_ssl = true;
        return $force_ssl;
    	add_filter('force_ssl', 'store_force_ssl', 10, 3);

    Not working
    3. I tried this code:

    function store_force_ssl( $force_ssl, $post_id ) {
        if ( strpos($_SERVER['REQUEST_URI'], 'wp-admin') !== false ) {
            $force_ssl = true;
        return $force_ssl;
    add_filter('force_ssl', 'store_force_ssl', 10, 2);

    Not working.

    Please help...


  2. Mike Ems
    Plugin Author

    Posted 2 years ago #

    What E-commerce plugin are you using? What steps did you take to produce the error?

  3. hughred22
    Posted 2 years ago #

    Easy Digital Download: https://easydigitaldownloads.com/
    Actually WP HTTPS cause other plug-in like Login Radius social login have problem as well.
    The problem is: When I enable "Force SSL Exclusively: Any page that is not secured via Force SSL or URL Filters will be redirected to HTTP", the above problem show up. admin-ajax.php. remain http (or to say be force into http). As I mentioned, I used all the method provide on your doc to force anything inside /wp-admin/ to be https. I also use
    define('FORCE_SSL_ADMIN', true);
    AND the .htaccess rewrite:
    RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.*)\ HTTP/ [NC]
    RewriteCond %{HTTPS} !=on [NC]
    RewriteRule ^/?(wp-admin/|wp-login\.php) https://mysite.com%{REQUEST_URI}%{QUERY_STRING} [R=301,QSA,L]

    All will not change the fact the "http://creatorup.com/wp-admin/admin-ajax.php" still load from http instead of https.

    But when I disable the Force SSL Exclusively, everything works! EDD, Social Login and others.

    My question is: I want to force center pages on my site to be ONLY http b/c of my CDN (Video hosting) do not support HTTPS. So if I disable Force SSL Exclusively, how can I force pages, let say under the video folder mydomain/video/..., back to http?

    Thanks again for the quick response btw :)

  4. Mike Ems
    Plugin Author

    Posted 2 years ago #

    Could you try the development version and let me know if the issue persists?

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • WordPress HTTPS (SSL)
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic


No tags yet.