I have a WordPress blog running behind a reverse proxy (Apache).
httpd.vhosts.conf:
<VirtualHost *:80>
ServerName blog.domain.com:80
ServerAlias www.blog.domain.com
ProxyPass / http://192.168.101.11/blog/
ProxyPassReverse / http://192.168.101.11/blog/
</VirtualHost>
The blog works fine, I can log in as admin, but when try to save settings or delete a plugin (and a wp_redirect occurs) I am redirected to the login page, because wordpress obviously doesn’t find/accept the session cookie, and the action doesn’t get completed.
Therefore, I have added this line:
ProxyPassReverseCookiePath / http://192.168.101.11/blog/
(see Apache proxy cookies works only with the first app)
This seemed to solve the problem. However, I have noticed now, that with this setting, the login does not work at all, but only in Safari and IE (works just fine in Opera, Firefox, Chrome). I just get redirected to the login page again.
Some additional information:
- The session cookies and
wordpress_test_cookiefor the admin section are not created at all in Safari, only the ones like"__uc*"etc. (for the blog itself). Without theProxyPassReverseCookiePath-entry, they are created. - I activated cookies for third-party-sites (in both browsers), this didn’t solve the problem.
- I’ve configured WP-cookies this way:
wp-config.php
define('COOKIE_DOMAIN', '.blog.domain.com');
define('COOKIEPATH', '/');
define('SITECOOKIEPATH', '/');
define('ADMIN_COOKIE_PATH', SITECOOKIEPATH . 'wp-admin' );
Solved it:
I made a slight mistake in the cookie path configuration. It has to be:
ProxyPassReverseCookiePathperforms a transformation of thepathattribute of cookies. This attribute contains only a path, so passing a full URL to the directive will not work. Iâm not sure why it didnât work for you without theProxyPassReverseCookiePathdirective, but I assume that WordPress did not respect theCOOKIEPATHthat you set.The correct configuration would be:
This will transform both the
pathand thedomainof your cookies, and thus makes the settings you made inwp-config.phpobsolete.