WordPress behind haproxy and infinite redirect loop

If WordPress is hosted behind a reverse proxy that terminate SSL, but is hosted itself without SSL, these options will initially send any requests into an infinite redirect loop. To avoid this, you whould configure wordpress to recognize the HTTP_X_FORWARDED_PROTO header which should be set by reverse proxy.

To recognize HTTP_X_FORWARDED_PROTO header add in wp-config.php file:

if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false){
	$_SERVER['HTTPS']='on';
}

That’s all, but you should to be sure that HTTP_X_FORWARDED_PROTO is set by reverse proxy, in example for haproxy configuration may looks like:

http-request add-header X-Forwarded-Proto https if { ssl_fc }
redirect scheme https if !{ ssl_fc }

That means: if request is on https then add header: X-Forwarded-Proto and set it value to https. If request is not https, then redirect it to https.

Tagi: haproxy, https, reverse proxy, ssl, wordpress

Łukasz Terlecki - System Admin | Linux Admin | fotografia

Takie tam moje miejsce w sieci, zawiera moje subiektywne odczucia i moje opinie, do których mam pełne prawo. Jeszcze mam.

WordPress behind haproxy and infinite redirect loop

Ciasteczka i inne takie