Make WordPress Core

Changes between Initial Version and Version 17 of Ticket #15733


Ignore:
Timestamp:
05/07/2020 08:42:29 PM (4 years ago)
Author:
SergeyBiryukov
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #15733

    • Property Status changed from new to closed
    • Property Summary changed from Wordpress Installation behind reverse-proxy ssl redirect loop to WordPress Installation behind reverse-proxy ssl redirect loop
    • Property Resolution changed from to wontfix
    • Property Milestone changed from Awaiting Review to
  • Ticket #15733 – Description

    initial v17  
    88The problem:
    99In setups like that, some server variables, are not used. This is why you have to use mod-rpaf on apache to get the client ip.
    10 One of those variables, is $_SERVER['HTTPS'].
    11 So in a setup with reverse-proxy in front, you have to set a variable $_SERVER['HTTP_X_FORWARDED_PROTO'] with value 'https', to make backend realize that its 'real' url is an https one.
     10One of those variables, is `$_SERVER['HTTPS']`.
     11So in a setup with reverse-proxy in front, you have to set a variable `$_SERVER['HTTP_X_FORWARDED_PROTO']` with value 'https', to make backend realize that its 'real' url is an https one.
    1212
    13 Wordpress checks only for the $_SERVER['HTTPS'] variable, and gets caught in an endless loop redirection from https to http to https and so on. The way we got over that, is to check for the $_SERVER['HTTP_X_FORWARDED_PROTO'] header in wp-include/functions.php:is_ssl() function.
     13Wordpress checks only for the `$_SERVER['HTTPS']` variable, and gets caught in an endless loop redirection from https to http to https and so on. The way we got over that, is to check for the `$_SERVER['HTTP_X_FORWARDED_PROTO']` header in wp-include/functions.php:is_ssl() function.
    1414
    1515I'm submitting also our 3-line patch, in case anyone has the same problem. Patch tested and works with nginx reverse-proxy.