If I edit the wp-config.php
I am supposed to add:
define('FORCE_SSL_ADMIN', true);
define('FORCE_SSL_LOGIN', true);
However, my website has .htaccess
rules to force https and www across the entire website:
Options +FollowSymlinks
RewriteEngine On
RewriteCond %{SERVER_PORT} 80 [OR]
RewriteCond %{HTTP_HOST} ^website.com
RewriteRule ^(.*)$ https://www.website.com/$1 [L,R=301]
I know there are other rewriterules available, but again not sure which one is correct.
Which of the following 3 should I be using in wp-config.php
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
$_SERVER['HTTPS'] = 'on';
$_SERVER['SERVER_PORT'] = 443;
}
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
$_SERVER['HTTPS'] = 'on';
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
$_SERVER['HTTPS'] = 'on';
$_SERVER['SERVER_PORT'] = 443;
}
I've found a few other slightly different variations of this all over the internet regarding wordpress SSL but I can't figure out what one is the correct/main one...
PHP code doesn't have to deal with SSL at all in such case. Here applies classical SoC principle: if you code doesn't explicitly work with connection (in WP it does not), you should leave protocol checking to web server.
You should also avoid defining port in your rewrite rules. In case you're not using multisite WP setup, you could try:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
i used this one. which is fine to go on.
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
$_SERVER['HTTPS']='on';
if your server port is differed from 443. you can specify it . Otherwise, no need to use it once again .
Corrected .htaccess rules ( as detailed on wiki.apache.org ):
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://mysslcertdomainname.com/$1 [R,L]
Normally, your code examples (1,2,3) are not necessary with Wordpress, but it looks like you have some kind of proxy based on the question.
HTTP_X_FORWARDED_PROTO
is not set by the web server. ** As a general rule changing _SERVER
variables (like SERVER_PORT
and HTTPS
) are discouraged unless you have a not-so-common setup (ie. behind proxy - which is the only reason for any of this code).
For this to work for me, I had to comment out the if statement lines surrounding the line $_SERVER['HTTPS']='on';
I am using Zevenet CE 5.9, which does not provide the options for x-forwarded-for or x-forwarded-proto, hence to put it behind the reverse proxy we just force https on this way :).
If you are using docker and to avoid manual configurations (by humans) this worked for me:
if ( getenv('ENABLE_HTTPS') === "true" ) {
define( 'FORCE_SSL_ADMIN', true );
$_SERVER['HTTPS']='on';
}
And I just need to pass a new variable ENABLE_HTTPS
docker run -d --name wordpress -it --rm -p 80:80 \
-e DB_HOST=10.10.10.10:3306 \
-e DB_USER=root \
-e DB_PASSWORD=secret \
-e DB_NAME=wordpress \
-e AUTH_KEY=$RANDOM_KEY \
-e SECURE_AUTH_KEY=$RANDOM_KEY \
-e NONCE_KEY=$RANDOM_KEY \
-e LOGGED_IN_KEY=$RANDOM_KEY \
-e AUTH_SALT=$RANDOM_KEY \
-e SECURE_AUTH_SALT=$RANDOM_KEY \
-e LOGGED_IN_SALT=$RANDOM_KEY \
-e NONCE_SALT=$RANDOM_KEY \
-e WP_DEBUG=true \
-e DISABLE_WP_CRON=true \
-e ENABLE_HTTPS=true wordpress:5.7.2
use this code in functions.php
add_action('template_redirect', 'f_force_ssl');
function f_force_ssl(){
if (!is_ssl()) {
wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 301);
exit();
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.