Opened 8 years ago
Last modified 8 years ago
#37148 new defect (bug)
Links in notification emails appearing as https
Reported by: | leec87 | Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | |
Component: | Administration | Keywords: | https |
Focuses: | Cc: |
Description
I have received several notification emails as an Administrator instructing me that Wordpress has been updated to the latest version.
However, all of the links contained within all of the emails output the URL as https://, and not whatever is stated within the Wordpress Site URL setting in General.
This leads to any link that is visited displaying a 'Connection not secure' message, as there is no SSL certificate for that domain name.
Attachments (1)
Change History (8)
#1
@
8 years ago
- Keywords reporter-feedback added
Thanks for the ticket @leec87, and welcome to WordPress Trac.
Is there any part of your website that is configured to use https? Is your site part of a WordPress Multisite network? If so, can you provide some details?
If not, have you tried deactivating your plugins one by one to see if the problem is being caused by a plugin? Also try switching to one of the default themes such as Twenty Fifteen in case your theme is at fault.
#2
@
8 years ago
- Keywords reporter-feedback removed
The various sites I've seen emails from, are using different sets of templates and plugins. They are not in multisite environments, neither are they set to use https:// anywhere in the configurations.
Thanks for the welcome. Advanced apologies if I leave anything out, this is my first time. And I'm relatively new to committing push requests on GitHub etc, but pleased to try and help the community.
#3
@
8 years ago
- Keywords reporter-feedback added
- Version trunk deleted
@leec87 Is this also the case for other emails like for comment moderation emails?
#4
@
8 years ago
Just to confirm I'm seeing the same issue, in every update email, from > 70 wordpress sites that I administer.
Of those, a single one is configured to use SSL via a plugin, the others are not.
They use a wide variety of plugins and themes. In all cases the theme has been created or modified by us, so I can say that there is nothing in their themes that intentionally modifies links in WP emails.
Due to the nature of this email, I can't comment if the latest version has this bug as it will only send an email on the next auto-update. I'll update this ticket if I receive such an email from a 4.5.3 install once 4.5.4 is released.
When I've received other emails (e.g password resets) from wordpress the links have been correct - as far as I've seen it's just the core update notification emails that show this issue.
Here's the raw source of one of these emails, with domain removed - this came from a 4.4.X install that updated itself to 4.4.4:
Howdy! Your site at https://www.example.com has been updated automatically to WordPress 4.4.4. For more on version 4.4.4, see the About WordPress screen: https://www.example.com/wp-admin/about.php WordPress 4.5.3 is also now available. Updating is easy and only takes a few moments: https://www.example.com/wp-admin/update-core.php If you experience any issues or need support, the volunteers in the WordPress.org support forums may be able to help. https://wordpress.org/support/ Keeping your site updated is important for security. It also makes the internet a safer place for you and your readers. The WordPress Team
Screenshot of email received containing https:// links