Make WordPress Core

Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#47288 closed defect (bug) (duplicate)

The is_ssl() function will be not playing a part in using reverse proxy

Reported by: rubycedar's profile rubycedar Owned by:
Milestone: Priority: normal
Severity: normal Version: 5.3
Component: Security Keywords:
Focuses: Cc:


The is_ssl() function will be not playing a part in using reverse proxy.

Attachments (1)

load.php (42.2 KB) - added by rubycedar 5 years ago.

Download all attachments as: .zip

Change History (3)

5 years ago

#1 @SergeyBiryukov
5 years ago

  • Component changed from General to Security
  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #31288.

Hi @rubycedar, welcome to WordPress Trac! Thanks for the report.

This is something that comes up often, but is not something that can be fixed due to the nature of handling client-provided headers, which is what's needed to address the issue. See here for more info.

The long and short of it is that this is a server-level configuration issue with reverse proxy web servers. It's not a WordPress issue, and it's not limited to WordPress. There's no need to modify the is_ssl() function. You just need to add something along the lines of the following to your wp-config.php file:

$_SERVER['HTTPS'] = 1;

Any proxy configuration is "supported" by WordPress, you just need to remap the $_SERVER['HTTPS'] server variable based the particular proxy configuration you're using.

Last edited 5 years ago by SergeyBiryukov (previous) (diff)

This ticket was mentioned in Slack in #core by sergey. View the logs.

5 years ago

Note: See TracTickets for help on using tickets.