Rails heroku app with wordpress as subfolder, unable to log in to admin

I have a rails app running on Heroku, and I am trying to get a WordPress blog set up on /blog for my domain for SEO purposes. I have Rack::ReverseProxy set up in my rails app pointing to the blog’s subdomain, and have all of the configuration on the WordPress side set up so all of the css and links work correctly. The problem I’m having is that when I go to /blog/wp-admin I am redirected to /blog/wp-login?redirect_to={blog’s subdomain}&reauth=1, and after trying to log in I’m sent to the same page.

I’ve noticed that I’m not being cookied for the login even though WordPress’s Test Cookie is being set for the correct domain. I’ve even traced it through and in wp-includes/pluggable.php in wp_set_auth_cookie where it actually sets the cookie after a successful login, the calls to setcookie are returning true, but immediately after the cookies aren’t added to my session (even though the Test Cookie does come through in the headers successfully)

Read More

Am I going down the wrong direction looking there? Are there any settings I should investigate to be able to log in this way?

Related posts

Leave a Reply

2 comments

  1. I had this exact problem, and I finally tracked it down to a bug in rack-reverse-proxy. The set-cookie header was being sent in an improper format, so only the first cookie was being interpreted correctly by the browser. That happened to be the wordpress test cookie. All the other (useful) ones were being thrown away, so of course I could not log in.

    I plan to submit a bug and branch to rack-reverse-proxy but in the meantime I fixed it with this patch in my config.ru:

    class MyReverseProxy < Rack::ReverseProxy
      private
      def create_response_headers(http_response)
        response_headers = super(http_response)
        if response_headers
          if response_headers["Set-Cookie"].is_a?(Array)
            response_headers["Set-Cookie"] = response_headers["Set-Cookie"].join("n")
          end
        end
        response_headers
      end
    end
    
    # this is to make /blog show my wordpress blog
    use MyReverseProxy do
        reverse_proxy_options :preserve_host => false
        reverse_proxy(/^/blog(/.*)$/, 'http://your-blog-server.com$1')
    end
    
  2. I don’t have an answer but I have a few suggestions to get a better understanding of what’s going on.

    If you are using Google Chrome, open the Network panel of the Developer Tools and watch what happens when you login.

    Check to see which domain the cookies are being set for, when you look at the response headers for the POST request that processes your login, you should see Set-Cookie header(s), check whether that domains is .domain.com or blog.domain.com and see if that request is trying to forward you to a different place.

    Another possibility is that your WordPress installation may be configured differently than you want it, for example the site URL being http://www.domain.com/blog instead of blog.domain.com

    Is it possible for you to go to the login page at blog.domain.com/wp-admin/?