Make WordPress Core

Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#39659 closed enhancement (duplicate)

Offloaded SSL Detection

Reported by: miraclebg's profile miraclebg Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: General Keywords:
Focuses: Cc:


Currently Wordpress supports detection only by checking the HTTPS environment variable (on,1).

I would suggest also adding forwarded protocol headers - like ones coming from a SSL offloader (HaProxy for example) which would normally send in this case:


It is currently impossible to do this otherwise unless manually editing the WordPress core.

I am attaching a screenshot of the proposed change i have to do every time manually.

Thank you!

Attachments (1)

Screen Shot 2017-01-21 at 14.16.39.png (86.1 KB) - added by miraclebg 7 years ago.
Proposed fix

Download all attachments as: .zip

Change History (3)

#1 @ocean90
7 years ago

  • Component changed from HTTP API to General
  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Hello miraclebg, welcome to Trac!

Thanks for your report, it's something that comes up often:

WordPress Installation behind reverse-proxy ssl redirect loop
Allow overload of is_ssl() via a filter
Detect https correctly when behind a proxy/loadbalancer
IS_SSL should check return true for SSL Terminated load balancing
is_ssl not compatible with server - option for filter or hook
is_ssl() does not work on cloud hosting
ssl is not detecting for cloudflare
wp-admin/load-styles.php not serving multiple assets over HTTPS
Offloaded SSL Detection
Improvement ssl detection
custom changes to wp-includes/functions.php overwritten by automatic upgrades, breaking Cloudflare or squid frontend

Please take a look at #31288 which provides information on how to solve this for your environment.

#2 @miraclebg
7 years ago

Oh, sorry - i did look but no idea why i could not find these dups.

Note: See TracTickets for help on using tickets.