Plugin with reverse proxy generates bad links in WP multisite

[phlegx]

Wordpress: 4.0 (http://codex.wordpress.org/Version_4.0)

Works without problems on Wordpress 3.8.1!!! I'm using this configuration:

define('WP_ALLOW_MULTISITE', true);
define('MULTISITE', true);
define('SUBDOMAIN_INSTALL', true);
define('DOMAIN_CURRENT_SITE', 'example.com');
define('PATH_CURRENT_SITE', '/');
define('SITE_ID_CURRENT_SITE', 1);
define('BLOG_ID_CURRENT_SITE', 1);

The Wordpress HTTPS plugin has the following configuration:

SSL Host: ssl-reverse-proxy.com/example.com Force SSL Admin: true Force SSL Exklusiv: true Proxy: auto

I want to get:

Front-End site: http://example.com Back-End site: https://ssl-reverse-proxy.com/example.com/wp-admin/...

Wordpress login site

https://ssl-reverse-proxy.com/example.com/wp-admin/

has bad form action url:

http://example.com/example.com/wp-login.php

All links of the Network drop down menu are:

https://ssl-reverse-proxy.com/example.com/example.com/...

LOG login page:

Version: 3.3.6
HTTP URL: http://example.com/
HTTPS URL: https://ssl-reverse-proxy.com/example.com/
SSL: Yes
Diff Host: Yes
Subdomain: Yes
Proxy: Yes

[FIXED] Element: <form> - https://ssl-reverse-proxy.com/example.com/wp-login.php => http://example.com/example.com/wp-login.php
[FIXED] Element: <a> - https://ssl-reverse-proxy.com/example.com/wp-login.php?action=lostpassword => http://example.com/example.com/wp-login.php?action=lostpassword
[FIXED] Element: <style> http://example.com/wp-includes/css/buttons.min.css?ver=4.0 => https://ssl-reverse-proxy.com/example.com/wp-includes/css/buttons.min.css?ver=4.0
[FIXED] Element: <style> http://example.com/wp-includes/css/dashicons.min.css?ver=4.0 => https://ssl-reverse-proxy.com/example.com/wp-includes/css/dashicons.min.css?ver=4.0
[FIXED] Element: <style> http://example.com/wp-admin/css/login.min.css?ver=4.0 => https://ssl-reverse-proxy.com/example.com/wp-admin/css/login.min.css?ver=4.0

Any idea how to solve this problem?

[jonathanbull]

I'm seeing a similar issue, in that my links and form actions aren't parsed at all. Making the following change fixed this for me, but it's definitely a bit of a hack.

/Module/Parser.php:390

From:

if ( $force_ssl == true )

To:

if ( $force_ssl == true || $this->getPlugin()->isSsl() && ( $this->getPlugin()->getSetting('ssl_host_diff') || ( !$this->getPlugin()->getSetting('ssl_host_diff') && strpos($url, 'http://') === 0 ) ) ) {

[phlegx]

Hi @jonathanbull,

it don't solves the issue completely. The <form> element get fixed in a bad way:

[FIXED] Element: <form> - https://ssl-reverse-proxy.com/example.com/wp-login.php =>https://ssl-reverse-proxy.com/example.com/example.com/wp-login.php

Thank you for your reply! :+1:

[jonathanbull]

Just tested it and you're quite right. My change fixes the non-parsing of links and form actions, but will need a bit more work to get it work with your setup.

[phlegx]

A question: is this problem only present by using Wordpress 4.0? Or is this issue a general issue by using reverse proxy as SSL host?

[phlegx]

@jonathanbull issue solved:

/Module/Parser.php:390

/** Start changed FROM - Bugfix https://github.com/Mvied/wordpress-https/issues/36 */
/** if ( $force_ssl == true ) { */
/** TO */
if ( $force_ssl == true || $this->getPlugin()->isSsl() && ( $this->getPlugin()->getSetting('ssl_host_diff') || ( !$this->getPlugin()->getSetting('ssl_host_diff') && strpos($url, 'http://') === 0 ) ) ) {
/** End changed - Bugfix */
  if ( is_null($blog_id) ) {
    $updated = $this->getPlugin()->makeUrlHttps($url);
  /** Start added - Bugfix https://github.com/Mvied/wordpress-https/issues/36 */
  } else if ( $this->getPlugin()->getSetting('ssl_host', $blog_id) && 
         strpos($url, $this->getPlugin()->getSetting('ssl_host', $blog_id)) === 0 ) {
    $updated = $url;
  /** End added - Bugfix */
  } else {
    if ( $this->getPlugin()->getSetting('ssl_host', $blog_id) ) {
      ...

What do you mean? Should we make a pull request? @Mvied what is your opinion?