Possible to fix admin URL behind proxy issue without hacking core?

1 Views

In a previous question I was trying to solve an issue where WordPress was using the wrong url in sortable column headers & pagination in the admin when behind a proxy, the only solution that worked involved modifying core files, specifically

On lines 491 and 658 in wp-admin/includes/class-wp-list-table.php, replace this line

Read More

$current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];

with 

if(!empty($_SERVER['HTTP_X_FORWARDED_HOST'])) {
    $hostname = $_SERVER['HTTP_X_FORWARDED_HOST'];
} else {
    $hostname = $_SERVER['HTTP_HOST'];
}
$current_url = ( is_ssl() ? 'https://' : 'http://' ) . $hostname . $_SERVER['REQUEST_URI'];

Anyone know how to do this without modifying the core?

Post Views: 1

Related posts

Leave a Reply

3 comments

  1. I threw this question around on Twitter and asked for feedback from some other core developers. My gut instinct was to make $current_url either filterable or generated by a function that could be overridden. This is, apparently, the wrong way about it.

    From the sounds of this converation, you have two options:

    1. Reconfigure your proxy to set the correct host values before things even get to PHP/WP.
    2. Manually clean and set up $_SERVER['HTTP_HOST'] in your wp-config.php file.

    I thought a bit more, and here’s some actual code you could add to wp-config.php to set things up (based on the hacky patch that changes core files):

    if ( ! empty( $_SERVER['HTTP_X_FORWARDED_HOST'] ) ) {
    $_SERVER['HTTP_HOST'] = $_SERVER['HTTP_X_FORWARDED_HOST'];
}

    This should set things up such that the default core files don’t need any modification to function correctly. But please note that I can’t test this since I don’t have any kind of proxy setup to verify it against … so if this code doesn’t help fix your situation, please report back and we can try something else.

  2. I was having this same issue. We were using Apache as the proxy (ProxyPass & ProxyPassReverse defined) and the simple addition of the following to the virtual host resolved it:

    Add to the virtual host:

    ProxyPreserveHost on

  3. Using Apache httpd v2.4 I use the following to operate /wp-admin under a private apache instance with no modifcation to any code or additions to wp-config.php.

    Note: I had to obfuscate the example too much to get past the filter. Hopefully the keywords are enough to get you started.

    RequestHeader set Host yourdomain
    Header edit* Location ^yourdomain privatedomain

    SetOutputFilter Sed
    OutputSed “s#yourdomain/#/#g”

    My public apache instance denies access to /wp-admin.