I have a wordpress site on apache behind nginx proxy.
I’ve configured SSL and now I can’t preview draft posts, they end up in an infinite redirect loop to the same url.
In our wp-config we have:
define( 'FORCE_SSL_LOGIN', true );
define( 'FORCE_SSL_ADMIN', true );
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
$_SERVER['HTTPS'] = 'on';
We have .htaccess for the apache root:
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/Site/
RewriteCond %{REQUEST_URI} !^/phpMyAdmin/
RewriteRule ^(.*)$ /Site/$1
RewriteCond %{REQUEST_URI} !^/phpMyAdmin/
RewriteRule ^(/)?$ /Site/index.php [L]
We have .htaccess for the Site folder:
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
If I access the post preview in http it works:
http://my.domain/?post_type=portfolio&p=3405&preview=true
But with https it gets redirected (301) to the same url over and over again:
https://my.domain/?post_type=portfolio&p=3405&preview=true
I’ve added an output buffer in the wordpress index.php, so I can see in the log that when accessing the secured link, it generates the post preview html, so the redirection must have occurred on the way back, after the php engine generated the post preview.
For the secured link, in the apache access log I see, so I don’t think the nginx is causing the problem:
“GET /?post_type=portfolio&p=3405&preview=true HTTP/1.0” 301
We use permalinks, and so published posts are previewed without any problem in both http and https.
Any ideas?
Thanks,
Lior
The code provided is checking that the X-Forward-Proto header is set to https. You need to ensure nginx is adding this in the forward – something like the following :