Instantly share code, notes, and snippets.

Embed
What would you like to do?
Honor the `X-Forwarded-Host` header for the duration of a single request in WordPress.
<?php
/*
# X-Forwarded-Host #
Honor the `X-Forwarded-Host` header for the duration of a single
request in WordPress.
## Read Me First ##
Use this when you want to *temporarily* use a reverse proxy with
WordPress. If you are going to *permanently* use a reverse proxy, just
change the "Wordpress address" and "Site address" in the General
Settings section of the Admin.
Unfortunately, this cannot be installed as a plugin because it needs
to be activated before the call to `wp_plugin_directory_constants`.
## Installation ##
First, put this file into the `wp-includes` folder of a WordPress
installation.
Edit `wp-settings.php`. Just before the call to
`wp_plugin_directory_constants`, add this line:
require( ABSPATH . WPINC . '/x-forwarded-host.php' );
## Use Case ##
You are running a local installation of WordPress. You have
temporarily created a reverse proxy server with a public URL that
forwards to your local installation. The proxy server sets the
`X-Forwarded-Host` header.
WordPress normally creates absolute URLs using the `home` and
`siteurl` options. Since you're temporarily accessing the WordPress
site through a proxy with a different address, you want to use the
public URL instead of the local URL.
## Did it Work? ##
To verify that it worked, load a page through the proxy URL. View the
page source. All URLs should use the proxy URL hostname, not your
local hostname.
## Compatibility ##
Tested against WordPress 3.1.2.
## About ##
Copyright (c) 2011, Ben Weaver <ben@orangesoda.net>.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
* Neither the names of the authors nor the names of contributors may
be used to endorse or promote products derived from this software
without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
// Return TRUE if this request has been forwarded.
function is_forwarded() {
return array_key_exists('HTTP_X_FORWARDED_HOST', $_SERVER);
}
// Return the original `Host` header.
function forwarded_host() {
return $_SERVER['HTTP_X_FORWARDED_HOST'];
}
// Create a base URL using the original `Host` header. Rather than
// trying to sort out whether to use `http` or `https`, just keep
// using whatever the scheme was for this request. This is a good
// strategy when using a reverse proxy because the proxy can handle
// redirecting all requests from http to https, for example.
function forwarded_url() {
$host = forwarded_host();
return "//$host";
}
// Patch the `$_SERVER` superglobal, replacing the host with the
// forwarded host. Some parts of wordpress (particularly
// `redirect_canonical`) use `$_SERVER['HTTP_HOST']`.
function x_host_patch_server() {
if (is_forwarded()) {
$_SERVER['HTTP_X_ORIG_HOST'] = $_SERVER['HTTP_HOST'];
$_SERVER['HTTP_HOST'] = forwarded_host();
}
}
// Override the value of `home` and `siteurl`.
function x_host_patch_url() {
if (!is_forwarded())
return false;
return forwarded_url();
}
add_action('init', 'x_forwarded_host');
add_filter('pre_option_home', 'x_host_patch_url');
add_filter('pre_option_siteurl', 'x_host_patch_url');
?>
@styledev

This comment has been minimized.

styledev commented Oct 21, 2011

Is there any way to get this to work for the Admin section of Wordpress?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment