Skip to content

Instantly share code, notes, and snippets.

@rordi

rordi/wordpress-proxy.md

Last active September 16, 2021 11:52
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save rordi/85ad6c352305b6f53b1437fc718f0799 to your computer and use it in GitHub Desktop.
Save rordi/85ad6c352305b6f53b1437fc718f0799 to your computer and use it in GitHub Desktop.
Download ZIP
Run Wordpress behind a proxy server (avoid assets being blocked)
Raw
wordpress-proxy.md

Run Wordpress behind a proxy server (avoid assets being blocked)

Wordpress has issues to detect the SSL connection betwenn the client and the proxy and thus may load static assets through http instead https, which will be blocked in moderns browsers (mixed content).

To circumvent the problem, simly extend your wp-config.php by following functions (insert towards the top of the config script):

/** Proxy SSL detection */
function detect_proxy_ssl() {
    if (isset($_SERVER['HTTP_X_FORWARDED_SSL']) && strpos($_SERVER['HTTP_X_FORWARDED_SSL'], 'on') !== false) {
        return true;
    }

    $variants = [
        'HTTP_X_FORWARDED_SSL',
        'HTTP_X_FORWARDED_PROTO',
        'HTTP-X-FORWARDED-PROTO',
        'X_FORWARDED_PROTO',
        'X-FORWARDED-PROTO',
        'X_Forwarded_Proto',
        'X-Forwarded-Proto'
    ];

    foreach ($variants as $variant) {
        if (isset($_SERVER[$variant]) && strpos($_SERVER[$variant], 'https') !== false) {
            return true;
        }
    }

    return false;
}

if (detect_proxy_ssl()) {
    $_SERVER['HTTPS']='on';
    define('FORCE_SSL_ADMIN', true);
    define('FORCE_SSL_LOGIN', true);
}
@slavikme
Copy link

Much appreciated! 🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment